[strongSwan] net-to-net with one gateway behind NAT

Martin Willi martin at strongswan.org
Thu Nov 11 10:04:00 CET 2010


Hi Alexis,

> getting a local address in traffic selector 0.0.0.0/0
> using host %any
> getting address to reach 174.90.242.85
> getting interface name for 192.168.21.100
> 192.168.21.100 is on interface eth0
> getting iface index for eth0
> received netlink error: No such process (3)
> unable to install source route for %any

Yes, I have seen this error once. But I was unable to reproduce or fix
it. The daemon tries to install a source route for this policy, like:

  ip route add 172.22.0.0/28 via GATEWAY src 192.168.21.100 dev eth0

But the kernel does not like that route. Maybe the gateway lookup does
not work correctly on your setup, hard to say.

Please apply the attached patch. It shows the complete route the daemon
tries to install. Does that route make sense for your setup?

Regards
Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Print-full-source-route-on-DBG2-that-gets-installed.patch
Type: text/x-patch
Size: 1010 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20101111/ad448bae/attachment.bin>

