I realise this will probably be a stupid question, but I am trying to get FreeS/WAN running on my RH9 Firewall/Gateway box with ADSL, so I can have a VPN to another ADSL person.
My problem at the moment is that when I start IPSEC, my routing table becomes weird, and consequently all traffic you'd think would head out of my ppp0 interface decides it must now go out of the ipsec0 interface. The VPN has not been established yet; I have just started ipsec.
My routing table becomes (note lack of even DNS entries):
203.17.x * 255.255.255.255 UH 0 0 0 ppp0
203.17.x * 255.255.255.255 UH 0 0 0 ipsec0
10.0.0.0 * 255.255.255.0 U 0 0 0 eth1
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 203.17.x 184.108.40.206 UG 0 0 0 ipsec0
220.127.116.11 203.17.x 18.104.22.168 UG 0 0 0 ipsec0
default 203.17.x 0.0.0.0 UG 0 0 0 ppp0
The 203.17.x numbers are the next hop onto my ISP's network.
Shorewall rejects all the traffic when the routing table is in this mode, mainly as there is no "IN" interface.
Aug 9 09:12:56 localhost kernel: Shorewall:all2all:REJECT:IN= OUT=ipsec0 SRC=203.113.x DST=22.214.171.124 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=30328 DF PROTO=UDP SPT=1028 DPT=53 LEN=52
Which seems wrong.
I am using FreeS/WAN 2.01 with RH9 on a 2.4.20-19.9 kernel...
My ipsec.conf is:
I would be most grateful if anybody would be able to help me with this, it's beginning to drive me insane.....
It's probably something simple.