From: Ian Morgan (imorgan_at_webcon.net)
Date: Thu Oct 10 2002 - 20:23:28 CEST
On host A (192.168.1.1):
# ipsec eroute
0 0.0.0.0/0 -> 192.168.1.130/32 => tun0x100a_at_192.168.1.130
10 192.168.1.0/24 -> 192.168.0.0/16 => tun0x1004_at_66.x.x.x
# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.1.130 192.168.1.130 255.255.255.255 UGH 0 0 0 ipsec2
24.43.40.0 * 255.255.255.128 U 0 0 0 eth0
24.43.40.0 * 255.255.255.128 U 0 0 0 ipsec0
192.168.1.0 * 255.255.255.128 U 0 0 0 eth1
192.168.1.0 * 255.255.255.128 U 0 0 0 ipsec1
192.168.1.128 * 255.255.255.128 U 0 0 0 eth2
192.168.1.128 * 255.255.255.128 U 0 0 0 ipsec2
192.168.0.0 router 255.255.0.0 UG 0 0 0 ipsec0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default router 0.0.0.0 UG 0 0 0 eth0
Trying to ping host B (192.168.1.130) from Host A 192.168.1.129), klips
debugging tells me that ipsec_findroute thinks that tun0x1004 is correct,
when it is obviously not. Yet, ipsec_tunnel_start_xmit still calls
"ip_send() on device:eth2" (the correct route for the tun0x100a),
when the route to tun0x1004 is eth0!
Anybody know WTF is going on!?
66.x.x.x---internet---HostA---HostB
Similarily, pings from Host B to Host A arrive OK, the the pongs get
misrouted as above, and never get back to host B.
FreeS/WAN 1.98b on both ends.
Regards,
Ian Morgan
--
-------------------------------------------------------------------
Ian E. Morgan Vice President & C.O.O. Webcon, Inc.
imorgan_at_webcon.ca PGP: #2DA40D07 www.webcon.ca
* Customized Linux network solutions for your business *
-------------------------------------------------------------------
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Sat Oct 12 2002 - 05:20:25 CEST