From: Bing Zhang (bzhang_at_sohar.com)
Date: Thu Oct 10 2002 - 22:26:20 CEST
I can not even bring the tunnel up. I will double check.
Bing
-----Original Message-----
From: Aldo S. Lagana
To: 'Bing Zhang'; users_at_lists.freeswan.org
Sent: 10/10/02 12:15 PM
Subject: RE: [Users] Is this doable?
it works absolutely well for me using RSA keys. I have MANY freeswan
1.4 boxes out there and my main site one is freeswan 1.98. I am not
sure what your problem is? Can you get the tunnels to come 'up'?
Or are they up fine without being able to get data from one subnet to
another?
If you cannot get the tunnels up, then look at port 500 & protocal 50 &
51.
If you cannot get data through tunnels, then look at FORWARD rules from
LAN to LAN.
> -----Original Message-----
> From: users-admin_at_lists.freeswan.org
> [mailto:users-admin_at_lists.freeswan.org] On Behalf Of Bing Zhang
> Sent: Thursday, October 10, 2002 1:52 PM
> To: 'users_at_lists.freeswan.org'
> Subject: [Users] Is this doable?
>
>
> I have two linux boxes that are my gateway and router. Both
> are running NAT and firewall. One is running FreeSwan 1.98b
> and iptables, the other one is freeswan 1.5 with ipchains.
> They are going to use pre-shared secrets.
>
> On the 1.98b one, if I do ipsec verify, it complains that
> ipchains is missing. I think this is not critical as long as
> I open port 500 and protocol 50, 51 inside my iptables.
>
> Basically I want to ask whether this is possible if both ends
> are using NAT? Any sample configs and catches I need to pay
> attention? I set it up and it is not working, :-(. I want to
> debug it, but do not know how to proceed it.
>
> Thanks,
>
> Bing
> _______________________________________________
> Users mailing list
> Users_at_lists.freeswan.org
> http://lists.freeswan.org/mailman/listinfo/use> rs
>
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Fri Oct 11 2002 - 05:20:24 CEST