[Openswan Users] route for remote subnet on site to site VPN not being added

matt.bazan at comcast.net matt.bazan at comcast.net
Sun Oct 24 12:01:50 EDT 2010

ok i see.  do you have any suggestions on what i can look for to figure out why packets are not crossing the tunnel?  ive followed the suggestions in http://wiki.openswan.org/index.php/Openswan/DebuggingTCPDump but can find a reason.

----- "Paul Wouters" <paul at xelerance.com> wrote:

> On Sun, 24 Oct 2010, matt.bazan at comcast.net wrote:
> > my tunnel is coming up based upon following log details:
> >
> > Oct 23 20:44:35 ubuntuFW pluto[28333]: "SF-To-Trenton" #88: the peer
> proposed: ->
> > Oct 23 20:44:35 ubuntuFW pluto[28333]: "SF-To-Trenton" #89:
> STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x9c5becf1
> <0xf3bf5444 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}
> > however, when looking at my routing table the route for the remote
> subnet ( is not being added.  the same is true on the
> right hand side.
> If you use netkey, that's normal. The netkey stack picks packets up
> deep inside the linux
> packet pie with special hooks. Where as klips gets the packets via
> routing.
> Paul

More information about the Users mailing list