[strongSwan] Problem connecting to a Cisco Unity gateway

Bas van Dijk v.dijk.bas at gmail.com
Sun Apr 26 20:25:46 CEST 2015 

Hi Miroslav,

On 26 April 2015 at 08:26, Miroslav Svoboda <goodmirek at goodmirek.cz> wrote:
> Please can you add output of:
> ip route show
> ip route show table 220
> ip xfrm state
> ip a

Here you go:

# ip route show
default via 136.243.17.1 dev eth0
136.243.17.0/26 via 136.243.17.1 dev eth0
172.16.48.16/28 dev eth0  proto kernel  scope link  src 172.16.48.17

# ip route show table 220

# ip xfrm state
src 136.243.25.108 dst 213.163.70.4
  proto esp spi 0x700e6b6c reqid 1 mode tunnel
  replay-window 32 flag af-unspec
  auth-trunc hmac(sha1) 0x6d969125d32fd66fb899abfc60c4328be1404c03 96
  enc cbc(aes) 0xd5562d5113dfc4a8b9a0679990282860
src 213.163.70.4 dst 136.243.25.108
  proto esp spi 0xc15e6adb reqid 1 mode tunnel
  replay-window 32 flag af-unspec
  auth-trunc hmac(sha1) 0xf2be74d8b38d26fc2e2ee3adb1ccb59a4d06ff09 96
  enc cbc(aes) 0x1c6770d03daa3fa8a317fb7f22d144c8

# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP group default qlen 1000
    link/ether 44:8a:5b:d8:85:8c brd ff:ff:ff:ff:ff:ff
    inet 136.243.25.125/32 scope global eth0
       valid_lft forever preferred_lft forever
    inet 136.243.25.108/32 scope global eth0
       valid_lft forever preferred_lft forever
    inet 172.16.48.17/28 scope global eth0
       valid_lft forever preferred_lft forever
    inet 136.243.17.41/26 scope global eth0
       valid_lft forever preferred_lft forever

> Are you able to successfully do:
> ip route add 10.180.0.0/24 via 172.16.48.17
> ?

Yes:

# ip route add 10.180.0.0/24 via 172.16.48.17

# ip route
default via 136.243.17.1 dev eth0
10.180.0.0/24 via 172.16.48.17 dev eth0
136.243.17.0/26 via 136.243.17.1 dev eth0
172.16.48.16/28 dev eth0  proto kernel  scope link  src 172.16.48.17

Thanks for your time,

Bas

More information about the Users mailing list