[Openswan Users] IPv6 and road warrior
Paul Wouters
paul at xelerance.com
Sat Mar 12 18:28:03 EST 2011
On Thu, 10 Mar 2011, Maciej Gałkiewicz wrote:
> I would like to encrypt traffic between "a" and "b". "A" has
> configuration which accepts road warriors:
>
> conn a-b
> left=2a01:dead:beaf:3ffd:d20d:52ff:fef7:941
> right=%any
> rightid=@b
add a leftid=@a ?
> leftrsasigkey=0sAw...
> rightrsasigkey=0sAw...
> type=transport
> connaddrfamily=ipv6
> auto=add
>
> "B" is a road warrior:
>
> conn a-b
> right=2a01:dead:beaf:3ffd:d20d:52ff:fef7:941
> left=%defaultroute
> leftid=@b
This contradicts the other rightid=@a ?
> leftrsasigkey=0sAw...
> rightrsasigkey=0sAw...
> type=transport
> connaddrfamily=ipv6
> auto=start
>
> "A" does not seem to listen on appropriate IP address:
> # netstat -tunlp
> udp6 0 0 2a01:dead:beaf:3ffd:d:500 :::*
> 10762/pluto
>
> In "b" logs I have:
> ipsec__plutorun: 003 ERROR: "a-b" #2: sendto on eth0 to
> 2a01:dead:beaf:3ffd:d20d:52ff:fef7:941:500 failed in main_outI1. Errno
> 97: Address family not supported by protocol
>
> How to fix this issue?
I'm not sure what's going on here. Is this openswan 2.6.33? That has a bunch
of ipv6 updates from David...
Paul
More information about the Users
mailing list