[Openswan Users] Can't get traffic over ipSec

Paul Wouters paul at xelerance.com
Wed Aug 31 15:59:41 EDT 2011

On Tue, 30 Aug 2011, Martin Walker wrote:

> I am using OpenSwan on Centos6
> When I could not get traffic using the default install I compiled 2.6.35
> (klips)
> I get a tunnel established:
> #ipsec eroute
> 0        ->        => tun0x1004 at

> saddr=, er=0p(null), daddr=, er_dst=0, proto=1
> sport=0 dport=0
> Aug 30 12:37:24 ipsec kernel: klips_debug:ipsec_xmit_encap_bundle: shunt
> SA of DROP or no eroute: dropping.

Note it is using your public IP. You did not use ping -I 10.0.a.b

> Any ideas would be appreciated.

Add leftsourceip=10.0.a.b and rightsourceip= to automatically use
your LAN IPs for communicating between the servers.


More information about the Users mailing list