Topic: Freeswan Fun

[Justin]

Has anyone come across this yet?

Jan 17 19:14:01 gateway Pluto[345]: "gate.local-gate.192.168.3.0" #4: route-host output: SIOCADDRT: Network is unreachable

Jan 17 19:14:01 gateway Pluto[345]: "gate.local-gate.192.168.3.0" #4: route-host output: /usr/lib/ipsec/_updown: route add -net 24.x.x.x netmask 255.255.255.255' failed

Jan 17 19:14:01 gateway Pluto[345]: "gate.local-gate.192.168.3.0" #4: route-host command exited with status 7

I have been playing with it for a while but can't figure out why the VPN howto is working for some users and not others.

This is on SME 5 running upgraded freeswan 1.91 using DMC rpm.

[John E. Phillips]

Can you run a test?
Try moving the link the in run control directory

cd /etc/rc.d/rc7.d
mv S45ipsec to S99ipsec.

Then reboot.

Please let me know if that fixes the problem.....

[Justin]

This is the status I get no matter when the ipsec service initiates. Even when I manually start and stop it I run into these problems.

I am pretty sure it is a routing issue. I saw an error a while back about a "route -add etc etc" problem from the _updown script. What I haven't been able to figure out is why the script would work for some but not others. I wonder if Darryl changed anything in it.

Everything comes up fine but the packets wont route properly they are both dropping about halfway across the traceroute to the termination point coming from either server.

Justin.

[Justin]

Here is the error message,

Jan 18 11:23:15 gateway Pluto[7181]: "net.local-gate.192.168.3.0": route-client output: /usr/lib/ipsec/_updown: route add -net 24.X.X.X netmask 255.255.255.255' failed

I noticed the route command isn't specifying which interface to use but unfortunately I can't experiment with it since the other server is across the country and if I lock myself out I am SOL.

Justin.