On Wed, Jan 05, 2011 at 10:20:03PM +0100, Christian Kildau wrote: > Hi all, > > I'm having a hard time getting vpnc (0.5.3) from packages to work on 4.8. > I have it running on Mac OS X (and Linux also), but it just doesn't work(tm) > on OpenBSD. > > Everything get's set up properly (in my eyes). The tun device is created, the > IP Address is assigned, the routes are set. But it looks like vpnc just > doesn't forward anything. > > net.inet.esp.enable and net.inet.ah.enable are set to 0, as mentioned by the > vpnc installation script. > > # ping sipgate.de > PING sipgate.de (217.10.79.9): 56 data bytes > ping: sendto: No buffer space available > ping: wrote sipgate.de 64 chars, ret=-1 > > Has anyone got this working on a recent OpenBSD? > > > > > > > IPSec gateway secureconnect.sipgate.net > IPSec ID secureconnect.sipgate.net > IPSec secret sipgate-key > #IPSec target network 217.10.64.0/255.255.240.0 > IKE Authmode psk > Xauth username user > Xauth password pass > #NAT Traversal Mode force-natt > Script /etc/vpnc/vpnc-sipgate-script > > (Custom script is the default one, minus the resolv.conf handling and sets > 217.10.64.0/255.255.240.0 instead of default route) > > tun0: flags=51<UP,POINTOPOINT,RUNNING> mtu 1412 > priority: 0 > groups: tun > status: active > inet 212.9.32.144 --> 212.9.32.144 netmask 0xffffffff > > # netstat -nrf inet > Routing tables > > Internet: > Destination Gateway Flags Refs Use Mtu Prio Iface > default 10.1.16.1 UGS 4 32 - 8 em0 > 10.1.16/24 link#1 UC 2 0 - 4 em0 > 10.1.16.1 00:50:8b:95:a4:d2 UHLc 1 5 - 4 em0 > 10.1.16.128 00:23:df:a7:8d:9e UHLc 1 154 - 4 em0 > 10.1.16.222 127.0.0.1 UGHS 0 0 33160 8 lo0 > 127/8 127.0.0.1 UGRS 0 0 33160 8 lo0 > 127.0.0.1 127.0.0.1 UH 2 0 33160 4 lo0 > 212.9.32.151 212.9.32.151 UH 1 0 - 4 tun0 > 217.10.64/20 212.9.32.151 UGS 0 0 - 8 tun0 > 224/4 127.0.0.1 URS 0 0 33160 8 lo0 >
I use it everyday at work with OpenBSD -current. Do you have a rule in your pf.conf to allow traffic on tunX ? -- Pierre-Emmanuel Andri <pea at raveland.org> GPG key: 0x7AE329DC
