[Users] freeswan 2.0, default route, policy groups

I just installed 2.0 (rc2) today and ran into an unexpected problem. In 2.0, opportunistic encryption is enabled by default. It's part of the new Policy Groups feature. As a result, freeswan will add an extra default route making it impossible for machines behind your freeswan gateway to get out.

To disable OE and avoid the issue with the default route, read these instructions:

http://www.freeswan.ca/docs/freeswan-Snapshot/doc/policygroups.html

To disable policy groups, cut and paste the following lines to /etc/ipsec.conf:

conn block

    auto=ignore

conn private

    auto=ignore

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related lists.freeswan.org Links 1998-fall 1998-spring 1998-summer 1998-winter 1999-winter announce briefs bugs design freeswan-list hipsec ietf-sectest users users-admin Request more information about Pantek

conn private-or-clear

    auto=ignore

conn clear-or-private

    auto=ignore

conn clear

    auto=ignore

Restart FreeS/WAN

    ipsec setup restart

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related lists.freeswan.org Links 1998-fall 1998-spring 1998-summer 1998-winter 1999-winter announce briefs bugs design freeswan-list hipsec ietf-sectest users users-admin Request more information about Pantek