VPN: Strongswan nout routing XP client

Craig Chandler craig.chandler at internode.on.net
Fri Jan 28 00:35:11 CST 2005


upon further investigation i have discovered that if i issue the command:
ipsec eroute
i get the message
cat: /proc/net/ipsec_eroute: No such file or directory

i assume this isn't helping me, anyone know why it may be?

Craig Chandler said :
> 
> 
> Darryl Ross said :
> 
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Craig Chandler wrote:
>> | Darryl Ross said :
>> |> Might be a stupid question, but does 192.168.0.1 have a route to
>> |> 192.168.34.0/24 via 192.168.0.50?
>> |
>> | my understanding was that the VPN enabled the XP client to access the
>> | 192.168.0.0 network (and hence 192.168.0.1) as if it was part of that
>> | network and therefore no routes need to be explicitly setup for
>> | 192.168.0.1 to 192.168.34.0
>>
>> 192.168.34.0/24 is *NOT* part of 192.168.0.0/24, so you need the routes
>> set up on all the machines. If 192.168.0.50 is the default route for the
>> 192.168.0.0/24 network then the routes are already set up. Otherwise you
>> need to set them up manually.
>>
>> The only time you don't need to set up any routing is if the WinXP box
>> got a 192.168.0.x (eg, 192.168.0.51) IP address for the VPN adaptor and
>> 192.168.0.50 was set up to proxyarp on behalf 192.168.0.51. This is most
>> common with PPPD connections, but can also be used for other things.
> 
> 
> and so i should have
> Destination     Gateway         Genmask         Flags Metric Ref    Use 
> Iface
> 192.168.34.0    192.168.0.50    255.255.255.0   UG    0      0        0 
> eth1
> 
> on 192.168.0.1 box
> with the gateway being
> 
> Destination     Gateway         Genmask         Flags Metric Ref    Use 
> Iface
> 192.168.34.137  192.168.34.137  255.255.255.255 UGH   0      0        0 
> eth1
> 192.168.34.0    *               255.255.255.0   U     0      0        0 
> eth1
> 192.168.0.0     *               255.255.255.0   U     0      0        0 
> eth0
> default         192.168.0.1     0.0.0.0         UG    0      0        0 
> eth0
> 
> and the XP client
> 
> ===========================================================================
> Active Routes:
> Network Destination        Netmask          Gateway       Interface  Metric
>           0.0.0.0          0.0.0.0   192.168.34.137  192.168.34.137       1
>         127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
>       192.168.0.0  255.255.255.255     192.168.34.1  192.168.34.137       1
>      192.168.34.0    255.255.255.0   192.168.34.137  192.168.34.137       1
>    192.168.34.137  255.255.255.255        127.0.0.1       127.0.0.1       1
>    192.168.34.255  255.255.255.255   192.168.34.137  192.168.34.137       1
>         224.0.0.0        224.0.0.0   192.168.34.137  192.168.34.137       1
>   255.255.255.255  255.255.255.255   192.168.34.137  192.168.34.137       1
> Default Gateway:    192.168.34.137
> ===========================================================================
> 
> 
>>
>> Regards
>> Darryl
>>
>>
>>
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.2.1 (MingW32)
>>
>> iD8DBQFB+IA4/XQ6DbmPjokRAq9hAJ4vSk8ZTiz2ZKRVcBU4FkoqOhThWACfZYpT
>> hKl2Vdtk/8m8syvjijF/GR4=
>> =9AmD
>> -----END PGP SIGNATURE-----
>>


More information about the linuxsa mailing list