[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: IPSec WinXP interop

Right, I've upgraded to freeswan 2.01 from backports.org.  This was
because the 1.96 that I was using from Woody didn't recognise the
leftprotoport and rightprotoport commands.  I apt-got the source,
grepped, and sure enough they weren't there.  This leads me to believe
that the 

But now I have a different problem.  Upon reboot (recompiled the kernel
with the 2.01 patch), I couldn't ssh in.  Doh!  I was just able to get
onsite, and there was a problem with the routing table.

Kernel IP routing table
Destination     Gateway         Genmask         Metric Ref    Use
localnet        *      0      0        0 eth1
localnet        *      0      0        0 ipsec0        *            0      0        0 eth0
default       0      0        0 ipsec0       0      0        0 ipsec0
default         0      0        0 eth1

What happens is that pings in or out cause the ipsec0 packet transmit
count to increase, and that's about it.  I had to /etc/init.d/stop ipsec
to get connectivity back.

I've googled a bit and don't see the answer.  Best I could come up with
was http://lists.virus.org/freeswan-0307/msg00363.html.  This states
that OE can cause freeswan to take over the default route.  But I don't
want OE, and I can't for the life of me work out how to switch it off.
I think it has something to do with the default policies that 1.96
didn't have, but I also can't work out how to switch them off.


Reply to: