Bas, Thanks for letting know! It will for sure help someone in the future. This kind of troubleshooting is tough :)
Regards, Miroslav Miroslav Svoboda | +420 608 224 486 On 27 April 2015 at 16:26, Bas van Dijk <[email protected]> wrote: > I just discovered that I can successfully manually add the route if I > leave of the "via <gateway>" option: > > # ip route add 10.180.0.0/24 src 172.16.48.17 dev eth0 > > After this I can successfully ping hosts on the other side of the VPN! > > So I think I just add this manual route addition to my startup scripts > and be done with it. > > Cheers, > > Bas > > On 27 April 2015 at 11:42, Bas van Dijk <[email protected]> wrote: > > On 26 April 2015 at 23:46, Miroslav Svoboda <[email protected]> > wrote: > >> Huh, it is a bit complicated. > >> Routing table 220 empty... is not good most probably, but cannot help > to fix > >> it. > > > > Routing table 220 is probably empty because strongswan fails to add a > > route to it because of the "Network is unreachable (101)" error. Which > > is the same error I get when I try to add the route manually. > > > >> I would need to see configuration and packet dump to understand what > packets > >> go from where to there. > > > > My network configuration boils down to the following sequence of > commands: > > > > ip link set "eth0" up > > > > ip addr add "136.243.25.125/32" dev "eth0" > > ip addr add "136.243.25.108/32" dev "eth0" > > ip addr add "172.16.48.17/28" dev "eth0" > > ip addr add "136.243.17.41/26" dev "eth0" > > > > ip route add default via "136.243.17.1" > > > > ip -6 addr add '2a01:4f8:211:2aa8::/64' dev 'eth0' > > ip -4 route change '136.243.17.0/26' via '136.243.17.1' dev 'eth0' > > ip -6 route add default via 'fe80::1' dev eth0 > > > > I'll look into making a packet dump. > > > >> Anyway, it looks strange to me to route traffic into my own physical > segment > >> via gateway: 136.243.17.0/26 via 136.243.17.1 dev eth0 > >> But it will probably not help you. > > > > I'm running my machine in a Hetzner data center where it's required to > > route all traffic (including traffic to my own subnet) to the gateway. > > (See: http://wiki.hetzner.de/index.php/Netzkonfiguration_Debian/en) > > > > I also tried deleting that route and trying again but I got the same > error: > > > > # ip route del 136.243.17.0/26 via 136.243.17.1 dev eth0 > > # ip route add 10.180.0.0/24 via 136.243.17.1 src 172.16.48.17 dev eth0 > > RTNETLINK answers: Network is unreachable > > > >> Did you try to use lo:0 instead of eth0 for all you "loopback" > addresses? > > > > Adding it to "lo" yields the same error: > > > > # ip addr add 172.16.48.17/28 dev lo > > # ip route add 10.180.0.0/24 via 136.243.17.1 src 172.16.48.17 dev eth0 > > RTNETLINK answers: Network is unreachable > > > > Cheers, > > > > Bas >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
