From: Mogens Valentin (monz_at_danbbs.dk)
Date: Wed Aug 21 2002 - 14:34:53 CEST
Maria Backlund wrote:
> We've generated keys at the left and at the right side and added them
> to the connection in ipsec.conf. When we use "ipsec auto --add
> <connectionname>" on both sides and then "ipsec auto --up
> <connectionname>" on one side we're told that several "STATE_MAIN..."
> are passed and finally that Ipsec SA is established. When we look in the
> /var/log/messages we see no signs of error messages, or perhaps we miss
> them due to our lack of knowledge...
If, on either side of a connection, you get something like:
...Pluto[659]: "H26-H8-net13" #2492: responding to Quick Mode
...Pluto[659]: "H26-H8-net13" #2492: IPsec SA established
then your tunnel is most likely working, and it's up to i.e. firewalling
to allow relevant traffic. Read the docs on firewalling, especially
faq.html and firewall.html, or grep the docs-dir for
iptables/ipchains/firewall ..
> Anyway, when we try to ping between the two clients in our network they
> can't reach eachother :( The pinging works fine until the lign "IPsec SA > established" shows up. What's causing the ping problem?
What do you mean by 'the two clients'? Do you refer to actual clients
_behind_ vpn-gateways, or the vpn-gateways themselves?
You can't ping from one vpn-gw to another vpn-gw, U know..
-- Kind regards / venlig hilsen, Mogens Valentin, Mr DevIT Networking, Security, Server Setup http://www.mrdev.com mrdev_at_danbbs.dk Phone +45 32 525 878 Cell 51 227 668 _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.4 : Wed Aug 21 2002 - 17:20:28 CEST