Vasily,
thanks for the reference with the public IPs. In the reason you are
right, here in the special however not extremely badly, since the IPs
changes all 24h.
The log file "var/log/secure" does not exist with me. On both gateways
the German SuSE Distribution(7.2) is installed. I will look for the
Logs for the option to provide.
The debugmessages of Pluto I see all into "var/log/messages". There I
have however the Message, which you did describe,not found.
But why wrong routing? I see the ping at the outgoing gateway (named
arakasi) on ipsec device and at the other detailed incoming gateway
(named frankfurt) on ipsec device. There, on the other gateway
(frankfurt), I see also reply packets at ipsec device, but do not
arrive reply packets with me.
After some minutes, I see nothing at all more with "tcpdump -i ipsec0"
on the other gateway(frankfurt).
> What that means is that you need to define rightnexthop and
> leftnexthop on both gateways, it can't route non-routable ips.
>
>
See below. I registered it.
leftnexthop and rightnexthop are the next official routers from my
provider.
> > # sample connection
> > conn CarstenTom
> > # Left security gateway, subnet behind it, next hop toward
> > right.
> > left=217.84.xx.xx
> > leftsubnet=192.168.60.0/255.255.255.0
> > leftnexthop=217.5.98.7
> > # Right security gateway, subnet behind it, next hop toward
> > left.
> > right=80.133.xx.xxx
> > rightsubnet=192.168.11.0/255.255.255.0
> > rightnexthop=217.5.98.47
> > # To authorize this connection, but not actually start it,
> > at startup,
> > # uncomment this.
> > auto=add
> > leftid=@frankfurt
> > rightid=@arakasi
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:57 CEST