-1

I have installed Openswan and have configured IPSec tunnels, and they worked perfectly until I installed OpenVPN. Now I can't find out why the ping won't work.

When I execute "service ipsec status", it tells me that the tunnels are up. But when I try to ping the address that is on the other side (private ye), it tries to go out through the public IP. And I'm using one public eth0 and logical private eth0:1,2,3,4 ...etc.

Any hints or solutions?

MadHatter
IvanCD
  • Are you saying that you believe the mere fact of having the OpenVPN package is somehow disrupting Openswan? That seems pretty unlikely. No packaged version of OpenVPN does anything to enable it as a server/daemon. If, on the other hand, you have built a config for OpenVPN and started it, and that causes problems, then you really need to give us more details about what exactly your configurations look like. – Zoredache Jul 14 '14 at 02:26
  • Well, the last thing before the ipsec tunnels stopped working was installing the openvpn rpm package (OpenVPN Access Server), rpm -i etc. I stopped and disabled openvpn from starting, but still no progress. What info do you need? I have configured ipsec using default par. for p1,2. ipsec status says that the tunnels are up, the routes are added and everything seems OK, but somehow when I ping the other side the packet uses the public IP instead of going through the ipsec tunnel. – IvanCD Jul 14 '14 at 09:49

1 Answer

0

This isn't particular to Open*, but you asked for hints. When you set up these connections, you set up what are kind of like virtual adapters. So, it is kind of like you making the machine multi-homed. I am by no means a network expert, but the important thing to remember with routing tables is that they are look-up tables. Whichever route works first, that is where the packet goes. It is dumber than you probably think it is. Windows, just for instance, tries to add more recovery than other designs, but that can also make it more frustrating if you can't figure out what is controlling the behavior.

  • The interfaces I add are eth0:1,2,3 etc. in the /etc/sysconfig/network-scripts/eth0:1 etc. – IvanCD Jul 14 '14 at 09:50
  • I probably shouldn't have answered since I have only used openvpn, but it does sound like a problem with routing. If you have iptables you can use it to log traffic so you could see the interface and destination of the pings. More basically _ip route_ shows the routing table. – ZuberFowler Jul 14 '14 at 14:50
  • Everything is in place: the route, and the status of ipsec shows me that the tunnels are up and established. But somehow when I ping, the packet goes through the public interface and gives me an error: ping 192.168.1.5 PING 192.168.1.5 (192.168.1.5) 56(84) bytes of data. From icmp_seq=1 Destination Host Unreachable – IvanCD Jul 15 '14 at 09:03
  • I agree that you are probably having a routing issue. `ip rule list` will show all routing tables, while `ip route show table [name]` will show the content of the routing table with name: [name]. – Lasse Michael Mølgaard Feb 12 '20 at 06:18