IPv6 readyNote: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

Re: [Users] FSwan and Virtual Ip's

From: Mike Thomas (mike_at_bedarra.com)
Date: Fri May 24 2002 - 03:19:42 CEST

Bantoft, Ken wrote:

>
>
> Mike,
>
> Need more information - post your ifconfig and route -n statements
> (sanitized if need be)

  Thanks,
     Here is some additional info as requested. Also, I am connecting
from behind a linksys router doing NAT. I don't believe this is the
problem as when I use the non-virtual IP FS works.

  Thanks again,

  Mike.

ifconfig:

eth0 Link encap:Ethernet HWaddr 00:03:47:A5:55:DF
           inet addr:198.64.129.55 Bcast:198.64.129.63
Mask:255.255.255.192
           UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
           RX packets:48864 errors:0 dropped:0 overruns:0 frame:0
           TX packets:30346 errors:0 dropped:0 overruns:0 carrier:0
           collisions:80 txqueuelen:100
           Interrupt:21

eth0:1 Link encap:Ethernet HWaddr 00:03:47:A5:55:DF
           inet addr:198.64.133.69 Bcast:198.64.133.255
Mask:255.255.255.252
           UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
           Interrupt:21

eth0:2 Link encap:Ethernet HWaddr 00:03:47:A5:55:DF
           inet addr:198.64.133.70 Bcast:198.64.133.255
Mask:255.255.255.252
           UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
           Interrupt:21

eth1 Link encap:Ethernet HWaddr 00:03:47:A5:55:E0
           inet addr:192.168.180.115 Bcast:192.168.180.255
Mask:255.255.255.0
           UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
           RX packets:955 errors:0 dropped:0 overruns:0 frame:0
           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:100
           Interrupt:20 Base address:0x2000

ipsec0 Link encap:Ethernet HWaddr 00:03:47:A5:55:DF
           inet addr:198.64.133.69 Mask:255.255.255.252
           UP RUNNING NOARP MTU:16260 Metric:1
           RX packets:419 errors:0 dropped:49 overruns:0 frame:0
           TX packets:370 errors:0 dropped:52 overruns:0 carrier:0
           collisions:0 txqueuelen:10

lo Link encap:Local Loopback
           inet addr:127.0.0.1 Mask:255.0.0.0
           UP LOOPBACK RUNNING MTU:16436 Metric:1
           RX packets:7 errors:0 dropped:0 overruns:0 frame:0
           TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0

route tables:

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.180.115 0.0.0.0 255.255.255.255 UH 0 0 0 eth1
198.64.129.55 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
198.64.133.68 0.0.0.0 255.255.255.252 U 0 0 0 eth0
198.64.133.68 0.0.0.0 255.255.255.252 U 0 0 0
ipsec0
198.64.129.0 0.0.0.0 255.255.255.192 U 0 0 0 eth0
192.168.180.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 198.64.129.1 0.0.0.0 UG 0 0 0 eth0

ipsec.conf

config setup
        # THIS SETTING MUST BE CORRECT or almost nothing will work;
        # %defaultroute is okay for most simple cases.
        interfaces=ipsec0=eth0:1
        #interfaces=%defaultroute
        # Debug-logging controls: "none" for (almost) none, "all" for lots.
        klipsdebug=none
        plutodebug=none
        # Use auto= parameters in conn descriptions to control startup actions.
        plutoload=%search
        plutostart=%search
        # Close down old connection when new one using same ID shows up.
        uniqueids=yes

# defaults for subsequent connection descriptions
# (these defaults will soon go away)
conn %default
        keyingtries=0
        disablearrivalcheck=no
        authby=rsasig
        left=198.64.133.69
        leftrsasigkey=%cert
        rightrsasigkey=%cert
        leftid="@C=CA, ST=ZZ, O=XX, CN=VPN Gateway"
        leftnexthop=198.64.129.1

conn gateway
        right=%any
        rightsubnet=0/0
        rightid="@C=CA, ST=ZZ, O=XX, CN=VPN Client"
        auto=add

> >
> > I searched the list but could not find anything directly
> > relevant to my
> > problem. I use a dedicated hosting box that uses Virtual IP's. When I
> > attempt to use FSwan on either of the virtual IP's it fails with the
> > error below.

> >
> >
> > "gateway" 24.42.244.146 #2: route-host output: SIOCADDRT: Network is
> > unreachable
> > May 23 13:21:06 linux10670 Pluto[10571]: "gateway" xx.xx.xx.146 #2:
> > route-host output: /usr/local/lib/ipsec/_updown: `route add
> > -net 0.0.0.0
> > netmask 128.0.0.0 dev ipsec0 gw xxx.64.129.xx &&
> > May 23 13:21:06 linux10670 Pluto[10571]: "gateway" xx.xx.xx.146 #2:
> > route-host output: \011\011\011route add -net 128.0.0.0 netmask
> > 128.0.0.0 dev ipsec0 gw 198.64.129.68' failed
> > May 23 13:21:06 linux10670 Pluto[10571]: "gateway" xx.xx.xx.146 #2:
> > route-host output: /usr/local/lib/ipsec/_updown: (incorrect
> > or missing
> > nexthop setting??)
> > May 23 13:21:06 linux10670 Pluto[10571]: "gateway" xx.xx.xx.146 #2:
> > route-host command exited with status 7
> > May 23 13:21:06 linux10670 Pluto[5117]: |
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users_at_lists.freeswan.org
> > http://lists.freeswan.org/mailman/listinfo/users
> >
>

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:06 CEST