-   Linux - Networking (
-   -   OpenSwan: "%defaultroute" or "can't identify ourselves" (

sundialsvcs 09-26-2006 05:55 PM

OpenSwan: "%defaultroute" or "can't identify ourselves"
Danged if I do, danged if I don't...

With OpenSwan...

(1) In "ipsec.conf," the config says "interfaces=%defaultroute"

(2) In a connection that says "left=%defaultroute," I get:
"%defaultroute requested but not known"

(3) If instead "left=" (the default gateway from here):
"cannot identify ourselves with either side of the connection"


sundialsvcs 09-26-2006 06:00 PM

Note: If I put left=w.x.y.z, where "w.x.y.z" is the actual IP-address of my ethernet port, into the conn(ection) entry in ipsec.conf, then I can proceed.

But, obviously, I shouldn't have to specify any hard-coded address. There must be another, obvious :rolleyes: way to specify that "the connection is 'from here.'"

Also: "%any" gives the same "can't identify" message as before.

All times are GMT -5. The time now is 07:20 PM.