[Openswan Users] IPsec after restart won't come up again: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]

[Gertjan Baarda]

Hee guys,

I have a little of a nasty issue. Due to remote maintanance I took down a
properly working IPsec connection (100+ days), and it won't come up again.
Nothing changed on the router, it just won't start. Log keeps nagging this:

ERROR: asynchronous network error report on eth0 for message to
84.xxx.235.52 port 500, complainant 84.xxx.232.133: No route to host [errno
113, origin ICMP type 3 code 1 (not authenticated)]

It is a production IPsec to a supplier. I have no influence on the other
side of the IPsec configs.

So:
- Which route is it talking about here?
- Google suggest their might be a routing issue 'on the other side'. Is it
possible the other side changed something during the 100+ days of uptime
that it won't start now?
- Any help would be much appreciated, cause my customer will not like it
tomorrow morning. ;-)

PS topology, no natting involved.
192.168.11.0/24 -- my_ext_IP ---www--- 84.xxx.235.52 -- 172.16.x.x/24

Thanks!
GB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20130410/f426b06e/attachment.html>