[Openswan Users] Openswan with NETKEY and monitoring data
Paul Wouters
paul at xelerance.com
Wed Apr 6 16:08:27 EDT 2011
On Wed, 6 Apr 2011, Mark Dalton wrote:
> I am not seeing the data to the destination host.
>
> 192.168.1.0/25 -- Cisco VPN ---- (eth0)OpenSwan -- (eth2) virtual
> IPs 192.168.0.0/25
> (internal) (public IP) (public)
Did you really mean /25 and not /24?
> We just see 'src 192.168.', the other data we see is mostly
> ESP --> OpenSwan (public IP)
The ESP is the encrypted data.
> conn tunnel
> type= tunnel
> authby= secret
> left= <openswan public IP>
> leftsubnet= 0.0.0.0/0
> leftnexthop= 192.168.0.0
That's not a valid nexthop. It should point to the IP of the gateway on the interface you
need to go out on, or in the default non-specified way, that of the %defaultroute.
> right= <ext cisco public IP>
> rightsubnet= 192.168.1.0/25
Note 0.0.0.0/0 <-> 192.168.1.0/25 does not match your diagram at the top that has
192.168.1.0/25 <-> 192.168.0.0/25
Paul
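
An added example (not part of the original message and not Openswan code): a small Python check for the two problems pointed out in the reply above, a nexthop that is a network address rather than a gateway host, and conn subnets that do not match the diagram. The function names, the simplified `key= value` parser and the placeholder public IPs (documentation ranges) are assumptions; the left side is taken to be the Openswan side, as in the quoted conn.

```python
import ipaddress

# The conn section from the message; the elided public IPs are replaced
# with constructed placeholders from the documentation ranges.
CONN = """
conn tunnel
    type= tunnel
    authby= secret
    left= 198.51.100.10
    leftsubnet= 0.0.0.0/0
    leftnexthop= 192.168.0.0
    right= 203.0.113.20
    rightsubnet= 192.168.1.0/25
"""

def parse_conn(text):
    """Return the key/value options of a single conn section (simplified parser)."""
    opts = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and indentation
        if "=" in line:
            key, value = line.split("=", 1)
            opts[key.strip()] = value.strip()
    return opts

def check_conn(opts, local_nets, intended):
    """local_nets: subnets attached to the gateway's own interfaces.
    intended: (leftsubnet, rightsubnet) as drawn in the network diagram."""
    findings = []
    hop = opts.get("leftnexthop")
    if hop and not hop.startswith("%"):        # %defaultroute is not a literal address
        addr = ipaddress.ip_address(hop)
        for net in map(ipaddress.ip_network, local_nets):
            if addr in (net.network_address, net.broadcast_address):
                findings.append(f"leftnexthop {hop} is the network/broadcast "
                                f"address of {net}, not a gateway host")
    for key, want in zip(("leftsubnet", "rightsubnet"), intended):
        have = opts.get(key)
        if have and ipaddress.ip_network(have) != ipaddress.ip_network(want):
            findings.append(f"{key} is {have} but the diagram says {want}")
    return findings

if __name__ == "__main__":
    diagram = ("192.168.0.0/25", "192.168.1.0/25")
    for finding in check_conn(parse_conn(CONN), ["192.168.0.0/25"], diagram):
        print("WARN:", finding)
```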