
(racoon 916) Re: Multiple Routing tables don't work with IPSec... :(



David,

you told just a fraction of the story.
1) what are your policies (setkey -DP); please omit keys if you're using manual keying;
2) is this box acting as initiator or responder;
3) if you use automatic keying, up to which point does racoon's negotiation succeed;
4) what are your iptables rules.

Please fill these gaps.

David Herselman wrote:
Have a box with multiple interfaces and thus set up multiple routing tables
(iproute2). Problem is that I can only establish an IPSec connection to the
connection that is set as the default route on the machine, all other
network services however function perfectly on either interface... Almost
like IPSec stack only 'follows' the main routing table and doesn't go
through 'iproute2' which everything else goes through...

Configuration:

/etc/iproute2/rt_tables:
  200 ADSL
  201 Diginet

ip route show table ADSL
  default via 163.146.64.1 dev ppp0

ip route show table Diginet
  default via 194.23.146.225 dev eth1

ip rule show
  0: from all lookup local
  32764: from 163.146.71.155 lookup ADSL
  32765: from 194.23.146.224/28 lookup Diginet
  32766: from all lookup main
  32767: from all lookup 253

route -n
  Kernel IP routing table
  Destination     Gateway         Genmask         Flags Metric Ref Use Iface
  163.146.64.1    0.0.0.0         255.255.255.255 UH    0      0   0   ppp0
  194.23.146.224  0.0.0.0         255.255.255.240 U     0      0   0   eth1
  192.168.1.0     0.0.0.0         255.255.255.0   U     0      0   0   eth0
  0.0.0.0         164.146.64.1    0.0.0.0         UG    0      0   0   ppp0





David Herselman
Managing Member
B.Compt, MCSE, Team OS/2, Unix Admin, A+

cell   +27 (0)82 784 7222
tel    +27 (0)86 11 syrex (79739)
fax    +27 (0)86 12 syrex (79739)
27 7th avenue parktown north 2193
email  dh@syrex.cc
www.syrex.co.za



--
Aidas Kasparas
IT administrator
GM Consult Group, UAB
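
Added example, not part of either message: a small evaluator for the "ip rule show" list quoted above, showing which routing table and egress device a packet to an off-link IPsec peer would use for a given source address. The HAS_DEFAULT map is taken from the posted route output; treating tables local and 253 as having no route to the peer, and modeling a not-yet-chosen source address as 0.0.0.0, are assumptions.

```python
import ipaddress

# Rule list copied from the "ip rule show" output quoted in the message.
IP_RULES = """\
0: from all lookup local
32764: from 163.146.71.155 lookup ADSL
32765: from 194.23.146.224/28 lookup Diginet
32766: from all lookup main
32767: from all lookup 253
"""

# Tables with a default route and its device, per the posted output.
# Assumption: tables "local" and "253" hold no route to a remote peer.
HAS_DEFAULT = {"ADSL": "ppp0", "Diginet": "eth1", "main": "ppp0"}


def parse_rules(text):
    """Return [(priority, source_network_or_None, table)] sorted by priority."""
    rules = []
    for line in text.splitlines():
        prio, rest = line.split(":", 1)
        words = rest.split()
        selector = words[words.index("from") + 1]
        table = words[words.index("lookup") + 1]
        # "from all" matches any source; a bare address becomes a /32.
        net = None if selector == "all" else ipaddress.ip_network(selector)
        rules.append((int(prio), net, table))
    return sorted(rules, key=lambda r: r[0])


def tables_consulted(rules, src):
    """Tables searched, in priority order, for a packet with source src."""
    addr = ipaddress.ip_address(src)
    return [table for _, net, table in rules if net is None or addr in net]


def egress_for(rules, src):
    """First consulted table that has a default route, and its device."""
    for table in tables_consulted(rules, src):
        if table in HAS_DEFAULT:
            return table, HAS_DEFAULT[table]
    return None, None


if __name__ == "__main__":
    rules = parse_rules(IP_RULES)
    # 0.0.0.0 models a lookup made before a source address is chosen.
    for src in ("163.146.71.155", "194.23.146.226", "0.0.0.0"):
        print(src, "->", egress_for(rules, src))
```

Every rule in the posted list selects on the source address, so the result depends on which local address the IKE and ESP packets carry; "ip route get <peer> from <local address>" shows the kernel's actual decision for comparison.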