[Openswan Users] Routing problem in Ipsec ?
SCHNEIDER Benoit
ton.ami.totoro at gmail.com
Fri May 6 10:45:15 EDT 2011
Thank's for answering.
I will chek for it.
I can't use "ipsec eroute" It make me a error "/usr/lib/ipsec/eroute: NETKEY
does not support eroute table."
I want de says thant when I do a traceroute of a IP adresse who is bihind
the tunnel, the traceroute, don't use the tunnel.
The tunnel don't look to be taken.
Regards
Totoro
2011/5/6 Paul Wouters <paul at xelerance.com>
> On Fri, 6 May 2011, SCHNEIDER Benoit wrote:
>
> At my job we have a VPN's server who have many VPN tunnel up (near 300)
>> I have a problem with on of them.
>> The VPN is up, but when I'm trying to ping a IP adresse who is bihind the
>> tunnel the ping packet go outsid of the
>> tunnel. He look to don't take the right network intephace
>>
>> Did they have a way to see all routing table who work in Ipsec, and fixe
>> it ?
>>
>
> I am not sure what you mean. For KLIPS, you can use "ipsec eroute" and
> "route -n" to
> check. With NETKEY you have to dig through "ip xfrm state" (and no routes
> are used)
>
> You probably have a typo in the address range and it matches no policies
> (and when
> using KLIPS, the typoed route was added) ?
>
> Paul
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110506/ba2f22ae/attachment.html
More information about the Users
mailing list