From: Francesco Tornieri (francesco.tornieri_at_duke.it)
Date: Wed Oct 09 2002 - 11:42:52 CEST
Hi guys,
I'm attempting to configure a vpn (lan -linux- to roadwarrior -windows-). At this time I have a unique pc for:
1-gateway (nat)
2-vpn point
I'd like to create a vpn with only static ip (gateway side, I don't use "leftnexthop") but I've some problems:
a-routing table (I have to force it with "leftupdown" option") -not critical-
b-ping roadwarrior to lan...it doesn't go :( (I haven't any errors in my log)
My ipsec.conf file (linux side):
config setup
interfaces="ipsec0=eth1"
klipsdebug=none
plutodebug=klips
plutoload=%search
plutostart=%search
uniqueids=yes
conn %default
keyingtries=1
compress=yes
disablearrivalcheck=no
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
# sample VPN connection
conn roadwarrior-net
leftupdown=/etc/ipsec.d/updown
leftsubnet=192.168.2.0/255.255.255.0
also=roadwarrior
conn roadwarrior
right=%any
left=X.X.X.X
leftnexthop=0.0.0.0
leftcert=pc-test.pem
auto=add
pfs=yes
Windows side:
conn roadwarrior
left=%any
right=X.X.X.X
rightca="C=X, ST=X...."
network=auto
auto=start
pfs=yes
conn roadwarrior-net
left=%any
right=X.X.X.X
rightsubnet=192.168.2.0/255.255.255.0
rightca="C=X, ST=X...."
network=auto
auto=start
pfs=yes
My configuration is ok if I use two ip: one for gateway and one for freeswan (two different pcs). Have you some ideas?
Regards, Francesco
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Sat Oct 12 2002 - 05:20:25 CEST