[Vpn-help] Feisty 32 bit network browsing
Matthew Grooms
mgrooms at shrew.net
Tue Sep 4 23:40:19 CDT 2007
Matthew Linehan wrote:
>
> We used the linux route command, to dump the routing table. I'm no
> expert in linux IP routing, but it does not look right to me. There
> were no entries in the routing table that would direct packets destined
> for the 192.168.168.* network to the 192.168.167.1 TAP0 interface
> created by the VPN tunnel. Indeed there were NO lines in the routing
> table that referenced the 192.168.168.* network at all. I'm fairly
> certain that the incorrect routing table is the source of the problem,
> however I do not know how iked and the ip routing stuff interact with
> each other, so I could be wrong.
>
Charlie and Matthew,
The only problem I saw was related to the tap driver not being released
due to IPsec policies not being cleared out properly. This was a bug I
introduced recently while trying to fix a lock recursion issue and may
have been munging things up. Could you please try the following ...
cd <ike dir>
svn update
make clean
rm CMakeCache.txt
cmake -DCMAKE_INSTALL_PREFIX=/usr -DQTGUI=YES -DETCDIR=/etc -DNATT=YES
make
make install
setkey -F
setkey -FP
/etc/init.d/iked stop
/etc/init.d/iked start
... and try to connect again. If you still having problems, please let
me know and we can investigate further. It seems to be working fine on
my FC6 and Kubuntu 4.07 test hosts. I'm confident we can make it work
again :)
Thanks,
-Matthew
More information about the vpn-help
mailing list