[strongSwan] strongswan-5.1.1 routing pb
s s
y52 at europe.com
Sat Dec 21 16:23:56 CET 2013
Hello again,
Is standard Centos 5.x kernel 2.6.18-308.16.1.el5PAE compatible at all with
[root@ ~]# strongswan version
Linux strongSwan U5.1.1/K2.6.18-308.16.1.el5PAE
We are unable to fix the routing problem. When the remote host is behind the NAT'ed provider's server, it can not be reached at all:
msc-hmnet{12}: 192.168.4.0/24 === 192.168.3.0/24
[root at karma ~]# ping 192.168.3.56
PING 192.168.3.56 (192.168.3.56) 56(84) bytes of data.
--- 192.168.3.56 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms
----
> > But out of the 2 tunnels only 1 is reachable. The other one doesn't ping.
> Does that tunnel work if you don't establish the other one?
No, it doesn't.
Besides, once the 192.168.3.0/24 host is behind the NAT'ed gateway, neither of the tunnels work.
> Also, I'd try to disable IPComp for testing. There seems to be an issue
> with IPcomp on some kernels in some scenarios.
What an IPComp is and how to disable it ?
We use a standard Centos 5.x kernel
2.6.18-308.16.1.el5PAE #1 SMP Tue Oct 2 22:49:17 EDT 2012 i686 i686 i386 GNU/Linux
Could anyone help to troubleshoot the problem and resolve the issue?
Rgds,
Serge
More information about the Users
mailing list