[Vpn-help] Strange routing problem

Klaus Strebel klaus.strebel at gmx.net
Thu Apr 16 02:36:23 CDT 2009


Hi all together,

Matthew, i hope it's ok for you, that i just post to the list ... guess
your reading it ;-).

Well, the problem hit me ( well, my colleague ) again.
The tunnel came up, not traffic possible (no route) and ipconfig showed
3 ip-addresses on the virtual interface. After uninstalling, rebooting
and reinstalling the spook was gone and the connection was working ...
I'd rather had that on my box, to enable me helping you debug this
phenomenon.

Greets
Klaus

Noach Sumner schrieb:
> As it seems they probably found my post I figure it is worth a new post.
> Matthew any hope of a solution for this dratted multiple IP issue?
> 
> On Wed, Apr 8, 2009 at 10:08 AM, Klaus Strebel <klaus.strebel at gmx.net
> <mailto:klaus.strebel at gmx.net>> wrote:
> 
>     Matthew Grooms schrieb:
>     > Klaus Strebel wrote:
>     >> Hi all,
>     >>
>     >> i got a weird problem with a new box connecting to our PIX-VPN. The
>     >> config used works great for several other boxes ( all Dell-Laptops )
>     >> with XP 64 and Vista 64, but on this box its just establishing
>     the SA,
>     >> the tunnel is comming up, but the routes through it are not set.
>     In the
>     >> iked.log i found ( only one ?!? ) '!! : failed to create IPSEC policy
>     >> route for 172.26.1.0/24 <http://172.26.1.0/24>', there should
>     also be get one created for
>     >> 172.25.0.0/16 <http://172.25.0.0/16> ... is that tried at all if
>     the first failed ???
>     >>
>     >
>     > Hi Klaus,
>     >
>     > Thanks for the bug report. I'm not sure why a route would be
>     created for
>     > one network but not the other. Did you have a look at the route table
>     > before and after the connection was established? Feel free to
>     forward me
>     > this information in a private email if you like.
> 
>     Hi Matthew,
> 
>     i poked a bit more in the vpn-help-archives and found reports about
>     problems with multiple addresses on the virtual-interface ( that i had
>     not on the boxes that work, but found on the box that doesn't ) and one
>     user who reported that he had to remove all remainders of an old install
>     and reboot ( reboot, reboot  ;-) ) and finally got an 2.2.0-alpha to
>     work.
>     So i downloaded the latest 2.1.5-alpha and uninstalled ( hey forgot to
>     mention: had the 2.1.3-stable installed ) the old version, installed the
>     2.1.5-beta4 and ... no change. Then in uninstalled, rebooted, cleaned
>     the registry ( well, just delete all HKEY_xxx->Software->ShrewSoft keys
>     ), rebooted, installed the 2.1.5-beta4, rebooted, imported my config,
>     set debug-level to 'decode' and tataaaa, it worked!
-- 
Mit freundlichen Grüssen / best regards

Klaus Strebel, Dipl.-Inform. (FH), mailto:klaus.strebel at gmx.net

/"\
\ /     ASCII RIBBON CAMPAIGN
 X        AGAINST HTML MAIL
/ \



More information about the vpn-help mailing list