[Openswan Users] Determing connection name
Nick Howitt
nick at howitts.co.uk
Thu May 28 03:01:06 EDT 2015
I don't think you see the correct conn name until Quick Mode is
negotiated. In Main Mode it can pick any valid conn name to match
against. If you are using "auto=add" in your conn, it should route
automatically. This looks more like a configuration error with a failed
negotiation rather than a failure to route.
Regards,
Nick
On 2015-05-28 01:40, Jesse N Perez wrote:
> I'm looking for a way to determine the connection name that I can use
> in a call to "ipsec auto --route <conn-name>" for a gateway.conf using
> "right=%any"
>
> When I do a "ipsec auto --status | grep 10.107.76.160" I get...
> 000 "gateway-conn"[4682]:
> 10.60.87.6<10.60.87.6>[+S=C]...10.107.76.160[+S=C]; unrouted; eroute
> owner: #0
> 000 #34977: "gateway-conn"[4682] 10.107.76.160:500 STATE_MAIN_R2
> (sent MR2, expecting MI3); EVENT_RETRANSMIT in 19s; lastdpd=-1s(seq
> in:0 out:0); idle; import:not set
>
> and see its unrouted. Note the conn-name is shown as
> gateway-conn[4682] where 4682 is the index number pluto must have
> chosen for this connection.
>
> So if I want to route this connection using "ipsec auto --route
> <conn-name>" how can I find the connection name?
>
> Thanks,
>
> Jesse N. Perez
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list