[Openswan Users] Asymmetric routing between Shrewsoft 2.1.7 and OpenSwan
Erich Titl
erich.titl at think.ch
Thu Aug 25 13:34:03 EDT 2011
Hi Paul
on 25.08.2011 16:52, Paul Wouters wrote:
> On Thu, 25 Aug 2011, Erich Titl wrote:
>
...
>
>> s:policy-list-include:172.29.0.0 / 255.255.0.0
>
> It seems covered by the policy. My guess is that because the remote is in
> the same LAN, it might not hit the routing code, and therefor not hit the
> srewsoft client. (but I have no idea of how they hook things into windows,
> so its a wild guess)
>
> You can try changing the LAN to be a smaller segment and see if it suddenly
> starts working properly to confirm this.
Thanks for your thoughts, why do you think the policy covers it? The
destination net is in 172.29.0.0/16 whereas the source lives in
172.22.53.10/32. They should not overlap.
Actually vlanxx, the transport network, is a 192.168.1.0/24 network.
The remote is physically connected to the client, but OpenSwan is
listening on a different LAN segment.
Thanks
Erich
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2182 bytes
Desc: S/MIME Kryptografische Unterschrift
Url : http://lists.openswan.org/pipermail/users/attachments/20110825/86a7d46c/attachment-0001.bin
More information about the Users
mailing list