road:~# hostname road.uml.freeswan.org road:~# ifconfig eth0 inet 192.1.3.194 road:~# route delete -net default SIOCDELRT: No such process road:~# route add -net default gw 192.1.3.254 road:~# netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.1.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.1.3.254 0.0.0.0 UG 0 0 0 eth0 road:~# TESTNAME=xauth-pluto-10 road:~# source /testing/pluto/bin/roadlocal.sh road:~# ipsec setup start ipsec_setup: Starting Libreswan IPsec VERSION road:~# ipsec auto --replace xauth-road--eastnet road:~# echo done done road:~# ipsec whack --status | grep xauth-road--eastnet 000 "xauth-road--eastnet": 192.1.3.194<192.1.3.194>[@road.testing.libreswan.org,XC+S?C]---192.1.3.254...192.1.2.45---192.1.2.23<192.1.2.23>[@east,XS+S?C]===192.0.2.0/24; unrouted; eroute owner: #0 000 "xauth-road--eastnet": myip=unset; hisip=unset; 000 "xauth-road--eastnet": xauth info: myxauthuser=use1; 000 "xauth-road--eastnet": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3 000 "xauth-road--eastnet": policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEv2ALLOW; prio: 32,24; interface: eth0; 000 "xauth-road--eastnet": newest ISAKMP SA: #0; newest IPsec SA: #0; road:~# ipsec whack --xauthpass 'use1pass' --name xauth-road--eastnet --initiate 002 "xauth-road--eastnet" #1: initiating Main Mode 104 "xauth-road--eastnet" #1: STATE_MAIN_I1: initiate 003 "xauth-road--eastnet" #1: received Vendor ID payload [Libreswan 003 "xauth-road--eastnet" #1: received Vendor ID payload [Dead Peer Detection] 003 "xauth-road--eastnet" #1: received Vendor ID payload [XAUTH] 002 "xauth-road--eastnet" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 106 "xauth-road--eastnet" #1: STATE_MAIN_I2: sent MI2, expecting MR2 002 "xauth-road--eastnet" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 108 "xauth-road--eastnet" #1: STATE_MAIN_I3: sent MI3, expecting MR3 002 "xauth-road--eastnet" #1: Main mode peer ID is ID_FQDN: '@east' 002 "xauth-road--eastnet" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4 004 "xauth-road--eastnet" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp1536} 040 "xauth-road--eastnet" #1: xauth-road--eastnet prompt for Password: 002 "xauth-road--eastnet" #1: XAUTH: Answering XAUTH challenge with user='use1' 002 "xauth-road--eastnet" #1: transition from state STATE_XAUTH_I0 to state STATE_XAUTH_I1 004 "xauth-road--eastnet" #1: STATE_XAUTH_I1: XAUTH client - awaiting CFG_set 002 "xauth-road--eastnet" #1: XAUTH: Successfully Authenticated 002 "xauth-road--eastnet" #1: transition from state STATE_XAUTH_I0 to state STATE_XAUTH_I1 004 "xauth-road--eastnet" #1: STATE_XAUTH_I1: XAUTH client - awaiting CFG_set 002 "xauth-road--eastnet" #2: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW 117 "xauth-road--eastnet" #2: STATE_QUICK_I1: initiate 002 "xauth-road--eastnet" #2: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 004 "xauth-road--eastnet" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode road:~# echo done. done. road:~# road:~#