[Openswan Users] IPv6 and road warrior

[David McCullough]

Jivin Paul Wouters lays it down ...
> On Thu, 10 Mar 2011, Maciej Galkiewicz wrote:
> 
> > I would like to encrypt traffic between "a" and "b". "A" has
> > configuration which accepts road warriors:
> >
> > conn a-b
> >        left=2a01:dead:beaf:3ffd:d20d:52ff:fef7:941
> >        right=%any
> >        rightid=@b
> 
> add a leftid=@a ?
> 
> >        leftrsasigkey=0sAw...
> >        rightrsasigkey=0sAw...
> >        type=transport
> >        connaddrfamily=ipv6
> >        auto=add
> >
> > "B" is a road warrior:
> >
> > conn a-b
> >        right=2a01:dead:beaf:3ffd:d20d:52ff:fef7:941
> >        left=%defaultroute
> >        leftid=@b
> 
> This contradicts the other rightid=@a ?
> 
> >        leftrsasigkey=0sAw...
> >        rightrsasigkey=0sAw...
> >        type=transport
> >        connaddrfamily=ipv6
> >        auto=start
> >
> > "A" does not seem to listen on appropriate IP address:
> > # netstat -tunlp
> > udp6       0      0 2a01:dead:beaf:3ffd:d:500 :::*
> >           10762/pluto
> >
> > In "b" logs I have:
> > ipsec__plutorun: 003 ERROR: "a-b" #2: sendto on eth0 to
> > 2a01:dead:beaf:3ffd:d20d:52ff:fef7:941:500 failed in main_outI1. Errno
> > 97: Address family not supported by protocol
> >
> > How to fix this issue?
> 
> I'm not sure what's going on here. Is this openswan 2.6.33? That has a bunch
> of ipv6 updates from David...

It contains a lot of changes to klips,  but basically none to pluto.
I think a barf might help,  did you compile this yourself ?  Which version ?
Does eth0 have IPv6 configured appropriately ?

Cheers,
Davidm

-- 
David McCullough,      david_mccullough at mcafee.com,  Ph:+61 734352815
McAfee - SnapGear      http://www.mcafee.com         http://www.uCdot.org