
(usagi-users 02512) Re: (KAME-snap 7948) IPsec & tunnel problem


On Tue, 2003-08-19 at 17:01, Michal Ludvig wrote:

> NetBSD 1.6.1
> ----+-------
>      | (pcn0), (lo0)
>      |
>      |
>      | (eth0), (lo)
> ----+-------
> Linux 2.6.0-test2

> But when I wanted to make a tunnel between and 
> it didn't work. Racoon was never triggered to create SA 
> with the other side (tried to ping 192.168.x.x in both directions, but 
> no success).
What does your routing table say? Without testing anything I would
suppose the following:
When you ping on the Linux box, the Linux box picks the IP address as source IP address.
Thus the packet would not trigger racoon.
Try the following:
Create a new routing table and a rule whenever a packet goes to it should use that table
Then create a route inside this table, that uses as a
source address.

I have not tested it, so your mileage may vary, but it should work ;-)


Ralf Spenneberg

Book: Intrusion Detection für Linux Server   http://www.spenneberg.com
IPsec-Howto				     http://www.ipsec-howto.org
Honeynet Project Mirror:                     http://honeynet.spenneberg.org
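
The source-address routing suggested in the reply above, sketched as an added example that is not part of the original message. The addresses on this page are missing, so every address, the interface name and the table number 100 below are constructed placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed placeholders (the page's real addresses are not available):
#   remote protected net 192.168.2.0/24, local inside address 192.168.1.1,
#   next hop 203.0.113.1, interface eth0, routing table 100.

# Print the iproute2 commands for the procedure: a separate routing table,
# a rule that sends traffic for the remote network to that table, and a
# route in that table carrying a "src" hint. With the hint, locally
# generated packets leave with the inside address and can match the
# tunnel policy, which is what makes the kernel ask racoon for an SA.
tunnel_src_cmds() {
    remote_net=$1     # network behind the remote gateway
    local_inside=$2   # this host's address in the local protected network
    gateway=$3        # next hop toward the remote gateway
    dev=$4            # outgoing interface
    table=${5:-100}   # assumed free table number
    echo "ip rule add to $remote_net table $table"
    echo "ip route add $remote_net via $gateway dev $dev src $local_inside table $table"
    echo "ip route flush cache"
}

# Extract the source address the kernel selected from one line of
# "ip route get <destination>" output.
route_src() {
    printf '%s\n' "$1" |
        awk '{ for (i = 1; i < NF; i++) if ($i == "src") { print $(i + 1); exit } }'
}

# Succeeds when the selected source equals the expected inside address.
src_matches() {
    [ "$(route_src "$1")" = "$2" ]
}

# Constructed sample of "ip route get 192.168.2.1" output after the change.
SAMPLE_ROUTE_GET='192.168.2.1 via 203.0.113.1 dev eth0 table 100 src 192.168.1.1 uid 0'

# Show the commands only; pipe the output to "sh" as root to apply them.
tunnel_src_cmds 192.168.2.0/24 192.168.1.1 203.0.113.1 eth0
```

After applying the commands, feed the real output of `ip route get` for a host in the remote network to `src_matches` to confirm the inside address is now chosen before testing with ping.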