Hi List

I have several Soekris OpenBSD boxes running a mix of 4.3, 4.4 and 4.5
all connecting multiple subnets together on a central server running
OpenBSD 4.5 (this server is a Dell PowerEdge 860).

Most of the routers work, but some of them drop the routes to one of my
subnets.  This happens to be the most critical subnet and so causes
quite a problem.  The really odd thing is that when I run isakmpd in
debug mode (on the problem routers) the subnet route does not get
dropped.  Even more odd/annoying is that this problem is intermittent and
tends to only affect one of the routers at any one time.

The problem routers all have an internal network of 10.x.0.0/24.  My
central location is 10.100.0.0/24 (this is the one that gets dropped by
the remote routers).  My routers that don't have a problem are either on
a 192.168.x.0/24 network and/or are running IPCOP.

A sample of one of the problem routers' ipsec.conf:-

---snip---
local_network="10.30.0.0/24"
remote_networks="{ 10.100.0.0/24, 192.168.10.0/24, 192.168.254.0/24, 10.10.0.0/24, 10.20.0.0/24, 10.40.0.0/24, 10.50.0.0/24, 10.60.0.0/24 }"
local_peer="10.30.0.1"
remote_peer="xxx.xxx.xxx.xxx"
key="**************"

# IPSec tunnel
ike active esp from $local_network to $remote_networks local $local_peer \
	peer $remote_peer psk $key
---snip---

The central location router has this entry for this router:-

---snip---
ike esp from { 10.100.0.0/24, 192.168.10.0/24, 192.168.254.0/24, \
	10.10.0.0/24, 10.20.0.0/24, 10.40.0.0/24, 10.50.0.0/24, 10.60.0.0/24 } \
	to 10.30.0.0/24 local $me peer xxx.xxx.xxx.xxx psk **************
---snip---

Thanks in advance!!!

Danny

