[Users] Help me please

From: Rohit Peyyeti (rohit_at_translogicsys.com)
Date: Tue Jul 30 2002 - 15:20:18 CEST


Hello:

I need to set up freeswan 1.98b on one of my RedHat linux boxes. Everything seems to
run fine. Here is what my ipsec.conf looks like:

conn %default
        keyingtries=1
        authby=secret
        left=<Private gateway IP address>
        auto=add

conn my-roadwarrior-connection
        type=tunnel
        leftnexthop=<Next hop from the gateway to my ISP>
        leftsubnet=0.0.0.0/0
        right=%any
        keyexchange=ike
        keylife=60m
        pfs=yes
        compress=no
        authby=secret

This connection works perfectly fine. I'm able to get connected to the VPN
server and also browse some locally hosted websites when connected using
a dialup.

But for my next requirement, my client wants to get connected to this VPN
server. But he is on cable internet and is connected to a router which
actually proxies his requests to the internet (NAT). Here is what his connection
looks like:

conn client-from-home
       type=tunnel
       leftnexthop=<Next hop from the gateway to my ISP>
       leftsubnet=0.0.0.0/0
       right=<My client's private IP address>
       rightsubnet=<My Client's local subnet>
       rightnexthop=<next hop from my client's gateway>
       keyexchange=ike
       keylife=60m
       pfs=yes
       compress=no
       authby=secret

I use pre-shared keys. When my client tries to connect, this is what gets
printed in /var/log/secure:

Jul 29 13:09:34 plasma pluto[12524]: "my-roadwarrior-connection"[5] XXX.XXX.XXX.XX #22: Peer ID is ID_IPV4_ADDR: '192.168.246.7'
Jul 29 13:09:34 plasma pluto[12524]: "my-roadwarrior-connection"[5] XXX.XXX.XXX.XX #22: no suitable connection for peer '192.168.246.7'

My client uses SSH Sentinel to connect to the Freeswan VPN server. But it looks like it is taking the 'my-roadwarrior-connection'
connection from ipsec.conf instead of 'client-from-home'. Is there anything which I'm missing? Please let
me know even if I made a stupid mistake somewhere ;-)

Regards,
Rohit Peyyeti

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users