From: Fernando Mario Montenegro Zamora (fdo_montenegro_at_hotmail.com)
Date: Sat Sep 14 2002 - 04:10:40 CEST
(Have problems mailing list?)
Hi...
It is my first FreeS/WAN experience, and I can't ping the remote host subnet...
I applied
"<http://www.natecarlson.com/include/showpage.php?cat=linux&page=ipsec-x509>"
My configuration is
SERVER : linux RedHat 7.3 / Kernel 2.4.18-3./
freeswan-1.98b_x509_0.9.14_2.4.18_3-0.i386.RPM
CLIENTS : linux RedHat 7.3 linux RedHat 7.3 / Kernel
2.4.18-3./freeswan-1.98b_x509_0.9.14_2.4.18_3-0.i386.RPM
and W2000Prof IPSecpol + vpn.ebootis.de-IPSEC.EXE
Clients (200.72.20.149/linux) and (200.72.20.150/W2000)
FreeS/WAN external addr : 200.72.20.147 (internet/eth0)
FreeS/WAN internal addr : 192.168.1.160 (internal subnet/eth1)
Internal Network : 192.168.1.0/24 (only 3 PCs with W98, hub connected only)
My servers say :
SERVER :
/var/log/secure : (Connection is established !!!)
Sep 12 00:59:16 david Pluto[1014]: "roadwarrior-net"[1] 200.72.20.149 #1: sent MR3, ISAKMP SA established
Sep 12 00:59:16 david Pluto[1014]: "roadwarrior"[2] 200.72.20.149 #2: responding to Quick Mode
Sep 12 00:59:16 david Pluto[1014]: "roadwarrior"[2] 200.72.20.149 #2: IPsec SA established
Sep 12 00:59:16 david Pluto[1014]: "roadwarrior-net"[1] 200.72.20.149 #3: responding to Quick Mode
Sep 12 00:59:16 david Pluto[1014]: "roadwarrior-net"[1] 200.72.20.149 #3: IPsec SA established
#route (command)
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
200.72.20.149   200.72.20.149   255.255.255.255 UGH   0      0   0   ipsec0
200.72.20.144   *               255.255.255.248 U     0      0   0   eth0
200.72.20.144   *               255.255.255.248 U     0      0   0   ipsec0
192.168.1.0     *               255.255.255.0   U     0      0   0   eth1
127.0.0.0       *               255.0.0.0       U     0      0   0   lo
default         david.sbch.cl   0.0.0.0         UG    0      0   0   eth0
#ipsec eroute (command)
0          192.168.1.0/24     -> 200.72.20.149/32   => tun0x1004@200.72.20.149
6          200.72.20.147/32   -> 200.72.20.149/32   => tun0x1002@200.72.20.149
#ifconfig -a (command)
eth0 Link encap:Ethernet HWaddr 00:50:BA:C9:DF:B7
inet addr:200.72.20.147 Bcast:200.72.20.151 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3910 errors:0 dropped:0 overruns:0 frame:0
TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:388231 (379.1 Kb) TX bytes:4160 (4.0 Kb)
Interrupt:10 Base address:0x8f00
eth1 Link encap:Ethernet HWaddr 00:04:75:71:34:97
inet addr:192.168.1.160 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:419 errors:0 dropped:0 overruns:0 frame:0
TX packets:3788 errors:0 dropped:0 overruns:0 carrier:0
collisions:5 txqueuelen:100
RX bytes:26864 (26.2 Kb) TX bytes:227280 (221.9 Kb)
Interrupt:11 Base address:0xd800
eth2 Link encap:Ethernet HWaddr 2E:EC:21:3C:F2:2A
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:11 Base address:0xde00
ipsec0 Link encap:Ethernet HWaddr 00:50:BA:C9:DF:B7
inet addr:200.72.20.147 Mask:255.255.255.248
UP RUNNING NOARP MTU:16260 Metric:1
RX packets:3793 errors:0 dropped:5 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
RX bytes:113640 (110.9 Kb) TX bytes:0 (0.0 b)
ipsec1 Link encap:IPIP Tunnel HWaddr
NOARP MTU:0 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ipsec2 Link encap:IPIP Tunnel HWaddr
NOARP MTU:0 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ipsec3 Link encap:IPIP Tunnel HWaddr
NOARP MTU:0 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:400 (400.0 b) TX bytes:400 (400.0 b)
-------------------------------------------------------------
CLIENT : (connection is established OK !!!) (linux with linux)
Sep 11 21:56:22 linux_01 Pluto[1413]: "roadwarrior" #1: initiating Main Mode
Sep 11 21:56:22 linux_01 Pluto[1413]: "roadwarrior" #1: Peer ID is ID_DER_ASN1_DN: 'C=CL, ST=Metropolitana, L=Santiago, O=sbchchile, CN=davidcl, E=emaildavidcl'
Sep 11 21:56:22 linux_01 Pluto[1413]: "roadwarrior" #1: ISAKMP SA established
Sep 11 21:56:22 linux_01 Pluto[1413]: "roadwarrior" #2: initiating Quick Mode RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS+UP
Sep 11 21:56:23 linux_01 Pluto[1413]: "roadwarrior" #2: sent QI2, IPsec SA established
Sep 11 21:56:34 linux_01 Pluto[1413]: "roadwarrior-net" #3: initiating Quick Mode RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS+UP
Sep 11 21:56:34 linux_01 Pluto[1413]: "roadwarrior-net" #3: sent QI2, IPsec SA established
I tested with (nmap -P0 -O 192.168.1.0/24) but got no responses.
The same with ping (time out) or other test commands.
Where is my problem?
Do I need to add routes inside FreeS/WAN or on any router/switch?
Help me please, and excuse my English...
Thanks in advance !!
Fdo++
Fernando Montenegro Z.
----------------------
Miguel Claro 164 Dpto 401-A
Providencia / Santiago / Chile
Fono : (56) - 02 - 235 77 00
Celular : (56) - 09 - 895 20 73