Hi, My routed based VPN Config file are as below
conn routedvpn type=tunnel authby=secret left=%defaultroute leftid=18.167.117.167 leftnexthop=%defaultroute leftsubnet=18.167.117.167/32 right=156.114.90.5 rightsubnet=156.114.88.100/32 ike=aes128-sha1;modp1024 phase2alg=aes128-sha1;modp1024 pfs=yes auto=start mark=5/0xffffffff vti-interface=vti01 #vti-routing=yes I am facing the below issue Aug 12 14:59:19.581257: added connection description "routedvpn" Aug 12 14:59:19.581409: listening for IKE messages Aug 12 14:59:19.581476: adding interface eth0/eth0 10.0.1.13:500 Aug 12 14:59:19.581497: adding interface eth0/eth0 10.0.1.13:4500 Aug 12 14:59:19.581532: adding interface lo/lo 127.0.0.1:500 Aug 12 14:59:19.581547: adding interface lo/lo 127.0.0.1:4500 Aug 12 14:59:19.581600: | setup callback for interface lo:4500 fd 19 Aug 12 14:59:19.581608: | setup callback for interface lo:500 fd 18 Aug 12 14:59:19.581613: | setup callback for interface eth0:4500 fd 17 Aug 12 14:59:19.581618: | setup callback for interface eth0:500 fd 16 Aug 12 14:59:19.581645: loading secrets from "/etc/ipsec.secrets" Aug 12 14:59:19.581684: loading secrets from "/etc/ipsec.d/routed.secrets" Aug 12 14:59:19.581890: "routedvpn" #1: initiating Main Mode Aug 12 14:59:19.589574: "routedvpn" #1: STATE_MAIN_I2: sent MI2, expecting MR2 Aug 12 14:59:19.597377: "routedvpn" #1: ignoring unknown Vendor ID payload [381bf43a6998ec74fb66b898fef90758] Aug 12 14:59:19.598044: "routedvpn" #1: STATE_MAIN_I3: sent MI3, expecting MR3 Aug 12 14:59:19.605496: "routedvpn" #1: Peer ID is ID_IPV4_ADDR: '156.154.90.5' Aug 12 14:59:19.605710: "routedvpn" #1: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=aes_128 integ=sha group=MODP1024} Aug 12 14:59:19.605737: "routedvpn" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:e53c2990 proposal=AES_CBC_128-HMAC_SHA1_96-MODP1024 pfsgroup=MODP1024} Aug 12 14:59:19.615011: "routedvpn" #2: ignoring informational payload IPSEC_RESPONDER_LIFETIME, msgid=e53c2990, length=28 Aug 12 14:59:19.615023: | ISAKMP Notification Payload Aug 12 14:59:19.615026: | 00 00 00 1c 00 00 00 01 03 04 60 00 Aug 12 14:59:19.628292: "routedvpn" #2: up-client output: net.ipv4.conf.vti01.disable_policy = 1 Aug 12 14:59:19.630450: "routedvpn" #2: up-client output: net.ipv4.conf.vti01.rp_filter = 0 Aug 12 14:59:19.632198: "routedvpn" #2: up-client output: net.ipv4.conf.vti01.forwarding = 1 Aug 12 14:59:19.643601: "routedvpn" #2: prepare-client output: vti interface "vti01" already exists with conflicting setting (perhaps need vti-sharing=yes ? Aug 12 14:59:19.657309: "routedvpn" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xc75ae8bf <0x7ffa45f4 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive} Aug 12 15:01:20.635652: shutting down Aug 12 15:01:20.635715: forgetting secrets I will appreciate if anyone can let me know the cause of the issue. Best Regards, Kaushal
_______________________________________________ Swan mailing list Swan@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan