Re: [Users] Create a private tunnel

From: Andreas Steffen (andreas.steffen_at_strongsec.net)
Date: Fri Aug 02 2002 - 08:59:57 CEST

• Next message: Nayar, Deep: "[Users] Problems in setting host to host ESP IPSEC transport mode connect ion ..."
• Previous message: tonia_at_yahoo.com: "*****SPAM***** [Users] Check This Offer Out!"
• In reply to: Jorge Mota: "[Users] Create a private tunnel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I don't see a

    left=%defaultroute

statement in your ipsec.conf. Is your connection successfully loaded
at all? Check it in the log:

   added connection description "RW_Cert_VPN"

and with

   ipsec auto --status

you should see the added connections.

Regard

Andreas

Jorge Mota wrote:
> Hello,
>
> I have in my private network a Freeswan server (192.168.0.254) and a W98
> SSH Sentinel Client (192.168.0.56).
> I want to know where can I find a configuration example for build this
> experimental vpn. I have tryed the help from ssh.com (Freeswan + SSh
> Sentinel.pdf), and I can't have a connection between this stations. When
> I run the diagnostics in the SSH Sentinel the error ("Cannot run the
> diagnostics. The remote end do not respond the IKE proposal (phase-1)")
> appears.
>
> My ipsec.conf is:
>
> config setup
> # THIS SETTING MUST BE CORRECT or almost nothing will work;
> # %defaultroute is okay for most simple cases.
> interfaces="ipsec0=eth0"
> # Debug-logging controls: "none" for (almost) none, "all" for lots.
> klipsdebug=all
> plutodebug=all
> # Use auto= parameters in conn descriptions to control startup
> actions.
> plutoload=%search
> plutostart=%search
> # Close down old connection when new one using same ID shows up.
>
> # defaults for subsequent connection descriptions
> # (these defaults will soon go away)
> conn %default
> keyingtries=0
> compress=no
> disablearrivalcheck=no
> keyexchange=ike
> ikelifetime=240m
> keylife=60m
> pfs=yes
> authby=rsasig
> right=%any
> rightrsasigkey=%cert
> leftcert=freeswan_cert.pem
> auto=add
>
> conn RW_Cert_VPN
> type=tunnel
> leftsubnet=192.168.0.0/24
>
> conn RW_Cert_SecuredConnection
> type=transport
>
> Tia,
>
> Jorge Mota
>
> Sociedade Torreense de Informática, Lda.
> Praça 25 de Abril 1A
> 2560-286 Torres Vedras
> Portugal
>
> Tel: 351 261316245 Fax: 351 261316239
> Email: sti_at_sti-lda.pt <mailto:sti_at_sti-lda.pt>
> Web: www.sti-lda.pt <http://www.sti-lda.pt>
>
> ICQ: 144549508

-- 
======================================================================
Andreas Steffen                 e-mail: andreas.steffen_at_strongsec.com
strongSec GmbH                  phone:  +41 76 340 25 56
Alter Zürichweg 20              home:   http://www.strongsec.com
CH-8952 Schlieren (Switzerland)
==========================================[strong internet security]==
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: Nayar, Deep: "[Users] Problems in setting host to host ESP IPSEC transport mode connect ion ..."
• Previous message: tonia_at_yahoo.com: "*****SPAM***** [Users] Check This Offer Out!"
• In reply to: Jorge Mota: "[Users] Create a private tunnel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Aug 05 2002 - 21:01:35 CEST