Subj : IPSec VPN from NATed host to a public host: fatal errors
To   : comp.os.linux
From : forever_connected
Date : Thu Aug 19 2004 09:35 am

Here are the network diagram, IPSec config files and /var/log/messages
errors. Can anyone be kind enough to read a bit and point out what the
cause is? Host1 is RedHat9/2.4.25/FreeSwan2.05, host2 is
RedHat8/2.4.18-14smp/FreeSwan2.06.

Thanks.

--DL

-----------------------------------------------------------------------
(10.1.1.2)--(10.1.1.1)NATer(206.x.y.z)--gw1~~~~~~~gw2--(170.p.q.r)
host1--------------------IPSec VPN--------------------host2
-----------------------------------------------------------------------
config setup
        interfaces="ipsec0=eth1"
        klipsdebug=none

conn host1tohost2
        left=10.1.1.2
        leftid=10.1.1.2
        leftnexthop=10.1.1.1
        leftsubnet=192.168.10.0/24
        right=170.p.q.r
        rightid=170.p.q.r
        rightnexthop=gw2
        rightsubnet=192.168.8.0/24
        spi=0x1001
        esp=3des-md5-96
        espenckey=0xMyKey
        espauthkey=0xMyKeyFingerPrint
        auto=manual
-----------------------------------------------------------------------
config setup
        interfaces="ipsec0=eth2"
        klipsdebug=none

conn host1tohost2
        left=206.x.y.z
        leftid=206.x.y.z
        leftnexthop=gw1
        leftsubnet=192.168.10.0/24
        right=170.p.q.r
        rightid=170.p.q.r
        rightnexthop=gw2
        rightsubnet=192.168.8.0/24
        spi=0x1001
        esp=3des-md5-96
        espenckey=0xMyKey
        espauthkey=0xMyKeyFingerPrint
        auto=manual
-----------------------------------------------------------------------
Aug 19 10:43:35 mgtnode ipsec_setup: KLIPS ipsec0 on eth2 170.p.q.r/255.255.255.240 broadcast 170.p.q.w
Aug 19 10:43:36 mgtnode ipsec_setup: ...FreeS/WAN IPsec started
Aug 19 10:43:36 mgtnode ipsec__plutorun: ipsec_auto: fatal error in "packetdefault": %defaultroute requested but not known
Aug 19 10:43:36 mgtnode ipsec__plutorun: ipsec_auto: fatal error in "block": %defaultroute requested but not known
Aug 19 10:43:36 mgtnode ipsec__plutorun: ipsec_auto: fatal error in "clear-or-private": %defaultroute requested but not known
Aug 19 10:43:36 mgtnode ipsec__plutorun: ipsec_auto: fatal error in "clear": %defaultroute requested but not known
Aug 19 10:43:36 mgtnode ipsec__plutorun: ipsec_auto: fatal error in "private-or-clear": %defaultroute requested but not known
Aug 19 10:43:36 mgtnode ipsec__plutorun: ipsec_auto: fatal error in "private": %defaultroute requested but not known
Aug 19 10:43:36 mgtnode ipsec__plutorun: 021 no connection named "packetdefault"
Aug 19 10:43:36 mgtnode ipsec__plutorun: ...could not route conn "packetdefault"
Aug 19 10:43:36 mgtnode ipsec__plutorun: 021 no connection named "block"
Aug 19 10:43:36 mgtnode ipsec__plutorun: ...could not route conn "block"
Aug 19 10:43:36 mgtnode ipsec__plutorun: 021 no connection named "clear-or-private"
Aug 19 10:43:36 mgtnode ipsec__plutorun: ...could not route conn "clear-or-private"
Aug 19 10:43:36 mgtnode ipsec__plutorun: 021 no connection named "clear"
Aug 19 10:43:36 mgtnode ipsec__plutorun: ...could not route conn "clear"
Aug 19 10:43:36 mgtnode ipsec__plutorun: 021 no connection named "private-or-clear"
Aug 19 10:43:36 mgtnode ipsec__plutorun: ...could not route conn "private-or-clear"
Aug 19 10:43:36 mgtnode ipsec__plutorun: 021 no connection named "private"
Aug 19 10:43:36 mgtnode ipsec__plutorun: ...could not route conn "private"