[strongSwan] Problem getting default route over IPsec tunnel
Noel Kuntze
noel at familie-kuntze.de
Sun Oct 18 03:36:17 CEST 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hello Heiko,
Am 18.10.2015 um 02:55 schrieb Heiko Wundram:
> /sbin/ip route add default dev eth1 metric 1 table uplink
Try giving that a next hop over the next router.
You also need to set the rp_filter for the involved interfaces
to "2". Furthermore, you need to stuff packets from the other side into the same table or funky
things might happen the next time you change the routing on that box.
> dpdaction=restart
> auto=start
Use auto=route.
> 220: from all lookup 220
Mind showing us that routing table (even if it should be empty, just checking.)
- --
Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWIveOAAoJEDg5KY9j7GZY6Y4P/jyZmj1JBKluNVepJQ1Ba8jm
rum305mq3mWzWWrE8f2tpwH4fLax56K0F/46RdSNIscROAB//CpXFGPtWhgmdEWv
634xCQAgPgQnY56KM6b7uwoS1BKrZln+7b6o8uZvAeB0Y4ckySZAnNyn5yn+ERbV
Qm3lmupamkk+BKH/S9lQXmc2LlYAvTSF9OxCRPjNVwCM+AyrJotbdNdxsCqskqRT
qqYyVqHQb8KTP/YrdKkkZl39KL/VAiJbyK4vwfGEnR+lrPS7xt5dQo92PoAsTnwR
ChpYpOxVfjQajZVxogyzfmg94OSfDfW+En4Yq55twyecOn9BPyYc21XFk6lRQrJg
dVlA+T/+X67FmZ9CoeJuq8M4rkEwVRvY9qpXT0J/B3XjbKdj2gFxfM0dVxLDGjoj
ZkOOHy98DXGyvvMRyRZCdAofVLN/6H/JD79rw79RJCoOkwJiesRXU5wDZZztvydg
wyBWykzOBu21dwZsxetdxCE2Ell3iCogN2mWsQdHfCiO1VVtKkGwc5LZcUXPs91x
fK12JIqXsrwymahwBFX43RT4+C4Ji3ZrlEB2VpQN578gSBq9t+9QquGukjYUmDeR
Enb9szQwIAS78i5L9DiRYYpBQaXocq2JG0dNwbcliDqhyl+wT1/gxFHyX+bcAaYN
mKhto4RLy+w8gpmIa1G5
=ytJg
-----END PGP SIGNATURE-----
More information about the Users
mailing list