Hi,
this is my log on the gateway:
Apr 23 11:16:09 VPN-Gate ipsec_setup: ...FreeS/WAN IPsec stopped
Apr 23 11:16:09 VPN-Gate ipsec_setup: Starting FreeS/WAN IPsec 1.97...
Apr 23 11:16:10 VPN-Gate ipsec_setup: KLIPS debug `all'
Apr 23 11:16:10 VPN-Gate kernel: klips_debug:rj_walktree: for:
rn=d60add88 rj_b=-3 rj_flags=6 leaf
Apr 23 11:16:10 VPN-Gate kernel: klips_debug:rj_walktree: processing
leaves, rn=d60addb8 rj_b=-3 rjApr 23 11:16:10 VPN-Gate kernel:
klips_debug:rj_walktree: while: base=00000000 rn=d60add88 rj_b=-3
Apr 23 11:16:10 VPN-Gate ipsec_setup: KLIPS ipsec0 on eth0
130.75.137.86/255.255.255.0 broadcast 13Apr 23 11:16:10 VPN-Gate
ipsec_setup: ...FreeS/WAN IPsec started
my ipsec.conf on the gateway:
# basic configuration
config setup
# THIS SETTING MUST BE CORRECT or almost nothing will work;
# %defaultroute is okay for most simple cases.
interfaces="ipsec0=eth0"
# Debug-logging controls: "none" for (almost) none, "all" for lots.
klipsdebug=all
plutodebug=all
# Use auto= parameters in conn descriptions to control startup
actions.
plutoload=%search
plutostart=%search
# Close down old connection when new one using same ID shows up.
uniqueids=yes
# defaults for subsequent connection descriptions
# (these defaults will soon go away)
conn %default
keyingtries=1
#compress=yes
disablearrivalcheck=no
authby=rsasig
rightrsasigkey=%cert
leftrsasigkey=%cert
#rightrsasigkey=%dns
left=130.75.137.86
leftcert=vpn-gate.pem
auto=start
pfs=yes
conn rw
right=%any
auto=add
and my ipsec.conf on my XP box:
conn rw
right=%any
left=130.75.137.86
leftca="C=DE, S=State, L=Hannover, O=University of Hannover,
OU=ISDE, CN=CA, E=ca_at_isde.uni-hannover.de"
network=auto
auto=start
pfs=yes
After pinging from my XP box, ifconfig shows no packets for dev ipsec 0
on the gateway:
ipsec0 Link encap:Ethernet HWaddr 00:50:56:62:51:E5
inet addr:130.75.137.86 Mask:255.255.255.0
UP RUNNING NOARP MTU:16260 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Are there any further logs with interesting information for debugging??
Thanks.
>>On Mon, 22 Apr 2002, Adrian Blockus wrote:
>>
>>>I use freeswan 1.97 with x509-patch. For configuration I followed the
>>>instructions by Nate Carlson. When I ping from the XP box I get the
>>>message "Negotiating IP Security" four times, but packet statistics
>>>say, that all packets are lost. If I ping without IPsec started,
>>>everything works. Both machines are in the same subnet. What am I
>>>doing wrong??
>>>
>>Have you checked the logs on the FreeS/WAN gateway?
>>
>>That's the first step to figuring out what is wrong.
>>
>>----------------------------------------------------------------------
>>| nate carlson | natecars_at_natecarlson.com |
>>| brainbench mvp for linux admin -- http://www.brainbench.com |
>>| Depriving some poor village of it's idiot since 1981 |
>>----------------------------------------------------------------------
>>
>
>
>_________________________________________________________
>Do You Yahoo!?
>Get your free @yahoo.com address at http://mail.yahoo.com
>
>
>
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:53 CEST