[Openswan Users] route for remote subnet on site to site VPN not being added
matt.bazan at comcast.net
matt.bazan at comcast.net
Sun Oct 24 12:01:50 EDT 2010
ok i see. do you have any suggestions on what i can look for to figure out why packets are not crossing the tunnel? ive followed the suggestions in http://wiki.openswan.org/index.php/Openswan/DebuggingTCPDump but can find a reason.
thx-
matt
----- "Paul Wouters" <paul at xelerance.com> wrote:
> On Sun, 24 Oct 2010, matt.bazan at comcast.net wrote:
>
> > my tunnel is coming up based upon following log details:
> >
> > Oct 23 20:44:35 ubuntuFW pluto[28333]: "SF-To-Trenton" #88: the peer
> proposed: 192.168.0.0/24:0/0 -> 192.168.10.0/24:0/0
>
> > Oct 23 20:44:35 ubuntuFW pluto[28333]: "SF-To-Trenton" #89:
> STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x9c5becf1
> <0xf3bf5444 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}
>
> > however, when looking at my routing table the route for the remote
> subnet (192.168.10.0) is not being added. the same is true on the
> right hand side.
>
> If you use netkey, that's normal. The netkey stack picks packets up
> deep inside the linux
> packet pie with special hooks. Where as klips gets the packets via
> routing.
>
> Paul
More information about the Users
mailing list