[Openswan Users] IPsec-Setup

Thomas Schweikle tps at vr-web.de
Fri Apr 15 08:28:15 EDT 2011


Am 15.04.2011 05:01, schrieb SilverTip257:
> Maybe this applies...
> A time or two during my testing when I would remove or update a "conn"
> for some reason a routing table entry _seemed_ to remain.  I haven't
> had this type of behavior since I created a proper configuration.
> 
> During that time period I simply removed the routing table entries
> with the `route (add|del)` command or `ip route (add|del)`.  Openswan
> added the necessary entries when I brought the tunnel up again.
> 
> However if the systems are establishing the connection for the first
> time, then there shouldn't be any remnant routing table entries.
> My suggestion would be for Thomas to check his routing table.
> `route -n` -OR- `ip route show`

on the remote system (192.168.180.27):
# route -n
Kernel IP routing table
Destination   Gateway     Genmask       Flags Metric Ref  Use Iface
192.168.180.0 0.0.0.0     255.255.254.0 U     0      0      0 eth1
222.66.76.0   0.0.0.0     255.255.254.0 U     0      0      0 eth0
0.0.0.0       222.66.76.1 0.0.0.0       UG    100    0      0 eth0

the local system (192.168.1.4):
# route -n
Kernel-IP-Routentabelle
Ziel          Router      Genmask       Flags Metric Ref  Use Iface
192.168.1.0   0.0.0.0     255.255.255.0 U     0      0      0 eth0
0.0.0.0       192.168.1.1 0.0.0.0       UG    100    0      0 eth0

The routing tables are after restarting the whole machine with
"/sbin/reboot". ipsec is running then.


-- 
Thomas

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 219 bytes
Desc: OpenPGP digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20110415/8617acc7/attachment.bin 


More information about the Users mailing list