Note: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

RE: [Users] FSwan and Virtual Ip's

From: Bantoft, Ken (kbantoft_at_mdsp.com)
Date: Fri May 24 2002 - 02:54:12 CEST

Next message: eneal_at_jcntv.com: "Re: [Users] What is libresolv.a"
Previous message: Mike Thomas: "Re: [Users] FSwan and Virtual Ip's"
Maybe in reply to: Mike Thomas: "[Users] FSwan and Virtual Ip's"
Next in thread: Mike Thomas: "Re: [Users] FSwan and Virtual Ip's"
Reply: Mike Thomas: "Re: [Users] FSwan and Virtual Ip's"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Mike,

Need more information - post your ifconfig and route -n statements
(sanitized if need be)

It does work on interfaces (I run it exclusivly on aliases on 8 boxes at the
moment). Sometimes you need to do a bit of extra routing to make it work
properly...

Ken Bantoft
kbantoft_at_mdsp.com

> -----Original Message-----
> From: Mike Thomas [mailto:mike_at_bedarra.com]
> Sent: Thursday, May 23, 2002 1:58 PM
> To: users_at_lists.freeswan.org
> Subject: [Users] FSwan and Virtual Ip's
>
>
>
>
> Hi,
>
> I searched the list but could not find anything directly
> relevant to my
> problem. I use a dedicated hosting box that uses Virtual IP's. When I
> attempt to use FSwan on either of the virtual IP's it fails with the
> error below. If I use it on the primary IP it works, but I
> can then no
> longer access the machine via the virtual IP's assigned to
> it. Obviously
> routing is the problem, but I have no idea how this magically
> works with
> virtual IP's.
>
> ipsec0 is being assigned to the correct virtual interface
> listed in the
> interfaces= section of ipsec.conf. It does not seem to matter
> what I try
> and use as the leftnexthop value, all fail. (My inclination
> was to use
> the IP of the default gateway).
>
> Any help gratefully appreciated,
>
> Mike.
>
>
> "gateway" 24.42.244.146 #2: route-host output: SIOCADDRT: Network is
> unreachable
> May 23 13:21:06 linux10670 Pluto[10571]: "gateway" xx.xx.xx.146 #2:
> route-host output: /usr/local/lib/ipsec/_updown: `route add
> -net 0.0.0.0
> netmask 128.0.0.0 dev ipsec0 gw xxx.64.129.xx &&
> May 23 13:21:06 linux10670 Pluto[10571]: "gateway" xx.xx.xx.146 #2:
> route-host output: \011\011\011route add -net 128.0.0.0 netmask
> 128.0.0.0 dev ipsec0 gw 198.64.129.68' failed
> May 23 13:21:06 linux10670 Pluto[10571]: "gateway" xx.xx.xx.146 #2:
> route-host output: /usr/local/lib/ipsec/_updown: (incorrect
> or missing
> nexthop setting??)
> May 23 13:21:06 linux10670 Pluto[10571]: "gateway" xx.xx.xx.146 #2:
> route-host command exited with status 7
> May 23 13:21:06 linux10670 Pluto[5117]: |
>
>
> _______________________________________________
> Users mailing list
> Users_at_lists.freeswan.org
> http://lists.freeswan.org/mailman/listinfo/users
>

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

Next message: eneal_at_jcntv.com: "Re: [Users] What is libresolv.a"
Previous message: Mike Thomas: "Re: [Users] FSwan and Virtual Ip's"
Maybe in reply to: Mike Thomas: "[Users] FSwan and Virtual Ip's"
Next in thread: Mike Thomas: "Re: [Users] FSwan and Virtual Ip's"
Reply: Mike Thomas: "Re: [Users] FSwan and Virtual Ip's"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:06 CEST