[Openswan Users] Can't get traffic over ipSec
Paul Wouters
paul at xelerance.com
Wed Aug 31 15:59:41 EDT 2011
On Tue, 30 Aug 2011, Martin Walker wrote:
> I am using OpenSwan on Centos6
>
> When I could not get traffic using the default install I compiled 2.6.35
> (klips)
>
> I get a tunnel established:
>
> #ipsec eroute
> 0 10.0.0.0/16 -> 10.1.0.0/16 => tun0x1004 at 62.128.215.101
> saddr=109.169.13.252, er=0p(null), daddr=10.1.100.100, er_dst=0, proto=1
> sport=0 dport=0
> Aug 30 12:37:24 ipsec kernel: klips_debug:ipsec_xmit_encap_bundle: shunt
> SA of DROP or no eroute: dropping.
Note it is using your public IP. You did not use ping -I 10.0.a.b 10.1.100.100
> Any ideas would be appreciated.
Add leftsourceip=10.0.a.b and rightsourceip=10.1.100.100 to automatically use
your LAN IPs for communicating between the servers.
Paul
More information about the Users
mailing list