[Openswan Users] Tunnel up - packets sent thru - but no forwarding to target ! routing issue ?

Gerhard Reuter gerhard.reuter at bayer.com
Fri Nov 21 04:30:13 EST 2014


After adding "leftsourceip=" to my /etc/ipsec.conf, I now have an advanced routing table:

root@ip-172-31-6-249:~# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
                                                UH        0 0          0 lo
                                                UG        0 0          0 eth0
                                                UH        0 0          0 eth0
                                                U         0 0          0 eth0
is my client and this line was added now

Unfortunately the 2 issues are still there:

000 "RWConn"[2]:<>[@,+XS+S=C]:17/1701...212.64.xxx.xxx[@,+MC+XC+S=C]:17/0===; erouted; eroute owner: #2

Ping packets from the server are reaching the Openswan ( but are not sent into the tunnel
Ping packets from the client are tunneled through the Internet-VPN to the Openswan ( but are not forwarded to the server

Openswan and the server are located at AWS. I disabled the "source/dest checking" for the Openswan and the server and applied the following settings on the Openswan:

sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.accept_source_route = 1
net.ipv4.conf.all.accept_source_route = 1
net.ipv4.conf.default.send_redirects = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1
root@ip-172-31-6-249:~#
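
An added example, not part of the original message: a small Python check that parses the `sysctl -p` output quoted above and reports where it deviates from a baseline for a forwarding IPsec gateway. The baseline values and the function names are assumptions of this example; note that the kernel uses the higher of `conf.all.rp_filter` and the per-interface value, and that `conf.default.*` only seeds interfaces created afterwards, so keys missing from the output still need checking on the live system.

```python
# Added example: audit the sysctl output from the post against an assumed
# baseline for a forwarding IPsec gateway. Not code from the original message.

# Lines as printed by `sysctl -p` in the post.
SYSCTL_OUTPUT = """\
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.accept_source_route = 1
net.ipv4.conf.all.accept_source_route = 1
net.ipv4.conf.default.send_redirects = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1
"""

# Assumed baseline (this example's choice): key suffix -> (wanted value, why).
BASELINE = {
    "rp_filter": ("0", "kernel applies max(all, interface); can drop tunnel traffic"),
    "send_redirects": ("0", "gateway should not redirect hosts around the tunnel"),
    "accept_redirects": ("0", "redirects could reroute gateway traffic"),
    "accept_source_route": ("0", "source routing lets the sender pick the path"),
}

def parse_sysctl(text):
    """Return {key: value} from 'key = value' lines, ignoring comments."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def audit(settings):
    """Return (key, found, wanted, why) for every deviation from the baseline."""
    wanted = {"net.ipv4.ip_forward": ("1", "gateway must route packets")}
    for scope in ("all", "default"):
        for name, rule in BASELINE.items():
            wanted[f"net.ipv4.conf.{scope}.{name}"] = rule
    findings = []
    for key, (want, why) in wanted.items():
        found = settings.get(key, "not listed")  # absent from output: check live value
        if found != want:
            findings.append((key, found, want, why))
    return findings

if __name__ == "__main__":
    for key, found, want, why in audit(parse_sysctl(SYSCTL_OUTPUT)):
        print(f"{key}: found {found}, baseline {want} ({why})")
```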