[Openswan Users] IPSEC routing refuses to go through the tunnel
Greg Scott
GregScott at InfraSupportEtc.com
Thu Mar 18 23:02:15 EDT 2010
And here's the output from ip xfrm policy (with edited public IP
Addresses). The answer to my problem has to be somewhere in here. What
generates these things and how do I fix it?
[root at lme-fw2 ipsec.d]# ip xfrm policy show
src 192.168.0.0/16 dst 192.168.0.0/16
dir in priority 0 ptype main
src 10.200.1.0/24 dst 10.200.1.0/24
dir in priority 0 ptype main
src 172.21.10.0/24 dst 192.168.0.0/16
dir in priority 2600 ptype main
tmpl src 67.77.61.191 dst 1.2.3.50
proto esp reqid 16389 mode tunnel
src 172.21.7.0/24 dst 192.168.0.0/16
dir in priority 2600 ptype main
tmpl src 3.2.1.145 dst 1.2.3.50
proto esp reqid 16385 mode tunnel
src 172.21.2.0/24 dst 192.168.0.0/16
dir in priority 2600 ptype main
tmpl src 99.135.79.74 dst 1.2.3.50
proto esp reqid 16393 mode tunnel
src 192.168.0.0/16 dst 192.168.0.0/16
dir out priority 0 ptype main
src 10.200.1.0/24 dst 10.200.1.0/24
dir out priority 0 ptype main
src 192.168.0.0/16 dst 172.21.7.0/24
dir out priority 2600 ptype main
tmpl src 1.2.3.50 dst 3.2.1.145
proto esp reqid 16385 mode tunnel
src 192.168.0.0/16 dst 172.21.10.0/24
dir out priority 2600 ptype main
tmpl src 1.2.3.50 dst 67.77.61.191
proto esp reqid 16389 mode tunnel
src 192.168.0.0/16 dst 172.21.2.0/24
dir out priority 2600 ptype main
tmpl src 1.2.3.50 dst 99.135.79.74
proto esp reqid 16393 mode tunnel
src 172.21.10.0/24 dst 192.168.0.0/16
dir fwd priority 2600 ptype main
tmpl src 67.77.61.191 dst 1.2.3.50
proto esp reqid 16389 mode tunnel
src 172.21.7.0/24 dst 192.168.0.0/16
dir fwd priority 2600 ptype main
tmpl src 3.2.1.145 dst 1.2.3.50
proto esp reqid 16385 mode tunnel
src 172.21.2.0/24 dst 192.168.0.0/16
dir fwd priority 2600 ptype main
tmpl src 99.135.79.74 dst 1.2.3.50
proto esp reqid 16393 mode tunnel
src ::/0 dst ::/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0 ptype main
src ::/0 dst ::/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0 ptype main
[root at lme-fw2 ipsec.d]#
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20100318/63ccb20d/attachment-0001.html
More information about the Users
mailing list