From: Brian (blanda_at_mnsi.net)
Date: Thu Oct 10 2002 - 01:52:57 CEST
You need to setup routing on both sides
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -I FORWARD -o ipsec0
iptables -I FORWARD -j ACCEPT
-----Original Message-----
From: users-admin_at_lists.freeswan.org
[mailto:users-admin_at_lists.freeswan.org]On Behalf Of kimhw
Sent: Tuesday, October 08, 2002 11:31 PM
To: users_at_lists.freeswan.org
Subject: [Users] FreeS/WAN with PPPoE
Hi.
I'd like to use FreeS/WAN with PPPoE.
Maybe, "IPSEC" is connected between two networks. Because I checked "ipsec
look" and "ipsec auto --status".
I can't confirm PING connection. I don't Know what is my problem.
I will wtite my configuration file, Please check My Problem..
This is my network Environment.
Network ------------ FreeS/WAN ------ G/W ---- [Internet]----
G/W ---- ADSL Modem ---- FreeS/WAN -------- Network
10.10.10.0/24 10.10.10.1 20.20.20.2 20.20.20.1
30.30.30.1 30.30.30.2 40.40.40.1 40.40.40.0/24
eth0 eth1
ppp0 eth1
Left FreeS/WAN configuration File
### This is ipsec.conf file ###
config setup
interfaces="ipsec0=eth0"
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
conn %default
keyingtries=1
authby=secret
conn test
type=tunnel
left=20.20.20.2
leftsubnet=10.10.10.0/24
leftnexthop=20.20.20.1
right=30.30.30.2
rightsubnet=40.40.40.0/24
rightnexthop=30.30.30.1
keyexchange=ike
ikelifetime=240m
keylife=60m
pfs=yes
compress=no
Right FreeS/WAN configuration File
### This is ipsec.conf file ###
config setup
interfaces="ipsec0=ppp0"
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
conn %default
keyingtries=1
authby=secret
conn test
type=tunnel
left=20.20.20.2
leftsubnet=10.10.10.0/24
leftnexthop=20.20.20.1
right=30.30.30.2
rightsubnet=40.40.40.0/24
rightnexthop=30.30.30.1
keyexchange=ike
ikelifetime=240m
keylife=60m
pfs=yes
compress=no
Left ipsec.secrets file
### This is ipsec.conf file ###
20.20.20.2 30.30.30.2 : PSK "TheSecrets"
Right ipsec.secrets file
### This is ipsec.conf file ###
30.30.30.2 20.20.20.2 : PSK "TheSecrets"
I checked PING connection between two networks Before I start IPSEC.
And I run "ipsec setup start" and "ipsec auto --add test" "ipsec auto --up
test"
So, IPSEC tunnel was established between two networks now. But They can
not negotiate PING.
I captured Packet between ADSL Modem and FreeS/WAN wit Sniffer. It's looks
fine.
The source and destination IP was changed, They are using IPSEC tunnel End
Point Address as 20.20.20.2 and 30.30.30.3.
And The Sniffer can not read Data, The Sniffer can display IKE about Data.
It looks like correctly working now.
Why I can't check Ping Between 10.10.10.0/24 and 40.40.40.0/24. Please
Somebody help me.
Thanks
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Thu Oct 10 2002 - 05:20:25 CEST