[7.903][BUG][FIXED] IPSec site to site VPN fails (cluster active/active)

Hi,

The IPSec site to site VPN's no longer work after moving to a clustered environment.  I deleted and recreated the VPN details and no improvement.
Created a SSL site to site and that connects OK.

Extract from the IPSec log file shows the following error:

2010:04:24-16:17:30 mercury-3 ipsec_starter[6727]: no default route - cannot cope with %defaultroute!!!
2010:04:24-16:17:30 mercury-3 pluto[6729]: added connection description "S_REF_CJNBXnBlTA_0"
2010:04:24-16:17:30 mercury-3 pluto[6729]: forgetting secrets
2010:04:24-16:17:30 mercury-3 pluto[6729]: loading secrets from "/etc/ipsec.secrets"
2010:04:24-16:17:30 mercury-3 pluto[6729]:   loaded shared key for X.X.X.X Y.Y.Y.Y
2010:04:24-16:17:30 mercury-3 pluto[6729]:   loaded private key from 'REF_IkijnKVcwf.pem'
2010:04:24-16:17:30 mercury-3 pluto[6729]:   loaded shared key for X.X.X.X Y.Y.Y.Y
2010:04:24-16:17:30 mercury-3 pluto[6729]: loading ca certificates from '/etc/ipsec.d/cacerts'
2010:04:24-16:17:30 mercury-3 pluto[6729]:   loaded ca certificate from '/etc/ipsec.d/cacerts/R***.pem'
2010:04:24-16:17:30 mercury-3 pluto[6729]: loading aa certificates from '/etc/ipsec.d/aacerts'
2010:04:24-16:17:30 mercury-3 pluto[6729]: loading ocsp certificates from '/etc/ipsec.d/ocspcerts'
2010:04:24-16:17:30 mercury-3 pluto[6729]: loading attribute certificates from '/etc/ipsec.d/acerts'
2010:04:24-16:17:30 mercury-3 pluto[6729]: Changing to directory '/etc/ipsec.d/crls'
2010:04:24-16:17:30 mercury-1 ipsec_starter[5555]: no default route - cannot cope with %defaultroute!!!
2010:04:24-16:17:30 mercury-1 pluto[5557]: added connection description "S_REF_CJNBXnBlTA_0"
2010:04:24-16:17:30 mercury-1 pluto[5557]: forgetting secrets
2010:04:24-16:17:30 mercury-1 pluto[5557]: loading secrets from "/etc/ipsec.secrets"
2010:04:24-16:17:30 mercury-1 pluto[5557]:   loaded shared key for X.X.X.X Y.Y.Y.Y
2010:04:24-16:17:30 mercury-1 pluto[5557]:   loaded private key from 'REF_IkijnKVcwf.pem'
2010:04:24-16:17:30 mercury-1 pluto[5557]:   loaded shared key for X.X.X.X Y.Y.Y.Y
2010:04:24-16:17:30 mercury-1 pluto[5557]: loading ca certificates from '/etc/ipsec.d/cacerts'
2010:04:24-16:17:31 mercury-1 pluto[5557]:   loaded ca certificate from '/etc/ipsec.d/cacerts/R***.pem'
2010:04:24-16:17:31 mercury-1 pluto[5557]: loading aa certificates from '/etc/ipsec.d/aacerts'
2010:04:24-16:17:31 mercury-1 pluto[5557]: loading ocsp certificates from '/etc/ipsec.d/ocspcerts'
2010:04:24-16:17:31 mercury-1 pluto[5557]: loading attribute certificates from '/etc/ipsec.d/acerts'
2010:04:24-16:17:31 mercury-1 pluto[5557]: Changing to directory '/etc/ipsec.d/crls'

Parents

0 Astaro Beta Bot over 15 years ago

Astaro Beta Report

--------------------------------

Version: 7.903

Type: BUG

State: MERGED/FIXED

Reporter: darrenl+++

Contributor: 

MantisID: 13527

Target version: 7.911

Fixed in version: 7.911

--------------------------------

Reply

0 Astaro Beta Bot over 15 years ago

Astaro Beta Report

--------------------------------

Version: 7.903

Type: BUG

State: MERGED/FIXED

Reporter: darrenl+++

Contributor: 

MantisID: 13527

Target version: 7.911

Fixed in version: 7.911

--------------------------------

Children

No Data