[Users] must first ping from right to left...

From: jef peeraer (jef.peeraer_at_pandora.be)
Date: Tue Jan 14 2003 - 21:06:35 CET


I've finally got subscribed! So I fire away my question:
My project involves one hosted server, and 15 roadwarriors with a thin-client
solution (LTSP) attached to it. The connection between the roadwarriors and
the server should be secure. I've got a test setup already, a working
freeswan configuration (I think), but I always have to ping from the server
to the roadwarriors before the roadwarriors can access the server.

Setup looks like this :

left :
---| freeswan gateway |--------| adsl router | ====
     192.168.1.10                192.168.1.1   dyn ip

right :
static ip   192.168.0.234                    192.168.0.30
=====| adsl router | ----------------------| freeswan gateway/server | -----
x.y.z.w

The adsl routers do vpn passthru, correct ports are forwarded to the freeswan
gateways. The two configs (left and right) are somewhat different because of
the port forwarding.

right :
conn welzijns2
        type = tunnel
        # Left security gateway, subnet behind it, next hop toward right.
        left=%any
        leftid=@welzijn.deterp.be
        leftrsasigkey=....
        leftnexthop=192.168.1.1
        leftsubnet=192.168.1.0/24
        # Right security gateway, subnet behind it, next hop toward left.
        right=%defaultroute
        rightid=@master.deterp.be
        rightrsasigkey=...
        #rightnexthop=192.168.0.234
        rightsubnet=192.168.0.0/24
        #auto=add

left:
conn welzijns2
        type = tunnel
        # Left security gateway, subnet behind it, next hop toward right.
        left=%defaultroute
        leftid=@welzijn.deterp.be
        leftrsasigkey=...
        #leftnexthop=192.168.1.1
        leftsubnet=192.168.1.0/24
        # Right security gateway, subnet behind it, next hop toward left.
        right=x.y.z.w
        rightid=@master.deterp.be
        rightrsasigkey=
        rightnexthop=192.168.0.234
        rightsubnet=192.168.0.0/24
 
I always have to ping from the right to left first (192.168.0.30 to
192.168.1.10), then I can ping from left to right. But after a while, I end
up in the above situation. I could implement a script on the right freeswan,
but I prefer to know what is happening....

Jef Peeraer




This archive was generated by hypermail 2.1.5 : Wed Jan 15 2003 - 20:11:40 CET