Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Mick <michaelkintzios-Re5JQEeQqe8AvxtiuMwx3w <at> public.gmane.org>
Subject: The phase1_up.sh script provided with ipsec-tools does not set up routing
Newsgroups: gmane.network.ipsec.tools.user
Date: Monday 13th February 2012 15:08:26 UTC (over 5 years ago)
I can't get the phase1_up.sh script to set up routes to the VPN
gateway on my roadwarrior machine.

I am not sure if this is due to a poor IPSec implementation of the
gateway and the way it sends the mode_cfg attributes, or something
else is amiss with my setup.

This is what I see in the racoon logs re. mode_cfg after a connection
is established when I set up routing manually:

Feb 11 23:53:44 dell_xps racoon: DEBUG: Configuration exchange type
mode config SET
Feb 11 23:53:44 dell_xps racoon: DEBUG: Attribute INTERNAL_IP4_ADDRESS
Feb 11 23:53:44 dell_xps racoon: DEBUG: Unexpected SET attribute
INTERNAL_IP4_ADDRESS
Feb 11 23:53:44 dell_xps racoon: DEBUG: Attribute INTERNAL_IP4_NETMASK
Feb 11 23:53:44 dell_xps racoon: DEBUG: Unexpected SET attribute
INTERNAL_IP4_NETMASK
Feb 11 23:53:44 dell_xps racoon: DEBUG: Attribute INTERNAL_IP4_SUBNET
Feb 11 23:53:44 dell_xps racoon: DEBUG: Unexpected SET attribute
INTERNAL_IP4_SUBNET
Feb 11 23:53:44 dell_xps racoon: DEBUG: Attribute INTERNAL_ADDRESS_EXPIRY
Feb 11 23:53:44 dell_xps racoon: DEBUG: Unexpected SET attribute
INTERNAL_ADDRESS_EXPIRY
Feb 11 23:53:44 dell_xps racoon: DEBUG: Attribute INTERNAL_IP4_DNS
Feb 11 23:53:44 dell_xps racoon: DEBUG: Unexpected SET attribute
INTERNAL_IP4_DNS
Feb 11 23:53:44 dell_xps racoon: DEBUG: Attribute SUPPORTED_ATTRIBUTES
Feb 11 23:53:44 dell_xps racoon: DEBUG: Unexpected SET attribute
SUPPORTED_ATTRIBUTES
Feb 11 23:53:44 dell_xps racoon: DEBUG: Attribute APPLICATION_VERSION
Feb 11 23:53:44 dell_xps racoon: DEBUG: Unexpected SET attribute
APPLICATION_VERSION
Feb 11 23:53:44 dell_xps racoon: DEBUG: Sending MODE_CFG ACK


When I run the phase1_up.sh manually I get just the roadwarrior's
gateway shown, nothing else:

# "/etc/racoon/scripts/phase1-up.sh" phase1_up
phase1_up
LOCAL_ADDR =
LOCAL_PORT =
REMOTE_ADDR =
REMOTE_PORT =
DEFAULT_GW = 10.211.63.250
INTERNAL_ADDR4 =
INTERNAL_DNS4 =

To set up routes manually I run:

ifconfig wlan0:1:0 172.16.1.1
ip route add 10.10.10.0/24 via 172.16.1.1 dev wlan0

Where 172.16.1.1 is the VPN subnet allocation in the remote LAN and
10.10.10.0/24 is the LAN subnet behind the router.

I thought that the phase1_up.sh would set up such routes
automatically.  Why is not doing so?

Any advice on troubleshooting this would be greatly appreciated!

PS.  I'm running ipsec-tools-0.8.0 on a gentoo box with
kernel-3.2.1-r2.  Please ask if you need more info.

-- 
Regards,
Mick

------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
 
CD: 4ms