[Openswan Users] Windows XP (lsipsectool) - Debian connection Problem [REVISED]
Dharmesh Chauhan
dharmesh.chauhan at yahoo.com
Thu Jul 26 11:49:55 EDT 2007
Sorry Paul, I made a little mistake in my mail. Actually it was a connection for Net-to-roadwarrior and there is no right subnet in that ipsec.config.
Following that I also mentioned the ipsec.config for the Net-to-Net connection, and there I did not make a mistake.
Anyway, here is that mail with the correction:
______________________________________________
I am trying to set up a net-to-roadwarrior IPsec connection between a Debian gateway and a Windows XP machine using lsipsectool (http://sourceforge.net/projects/lsipsectool/). I was able to establish the connection but could not get the desired pings.
However, after adding one routing table entry on the Windows XP machine I could get the desired results (details mentioned below).
ipsec.conf on debian gateway
=========================
version 2.0

config setup
    interfaces=%defaultroute
    nat_traversal=yes

conn %default
    keyingtries=1

conn nettwo
    left=10.10.136.90
    leftsubnet=192.168.1.0/24
    right=10.10.136.10 #No right subnet as this is Net-to-roadwarrior
    authby=secret
    esp=3des-md5
    pfs=yes
    auto=start

LsipsecTool Settings
===================
Local Side of the tunnel:
IPAddress: 10.10.136.44
Local Address/Network Mask : 10.10.136.44 / 255.255.255.255
Remote Side of the tunnel
---------------------------------------
VPN Gateway: 10.10.136.90
Remote Internal IP: 10.10.136.90
Private Address/Network Mask: 192.168.1.0 / 255.255.255.0
IPSec Options
---------------------
Authentication method : Pre-shared key (yogesh)
Proto/Encryption/Registry: ESP 3DES MD5
IKE Duration 3500 Secs. 50000 KBytes
These configurations established the connection, but I could get the desired pings only after adding a routing table entry on the Windows XP side with the command:
ROUTE ADD 192.168.1.0 MASK 255.255.255.0 10.10.136.90
However, when I tried to establish a Net-to-Net connection with these changes:
ipsec.conf on debian gateway
=========================
version 2.0

config setup
    interfaces=%defaultroute
    nat_traversal=yes

conn %default
    keyingtries=1

conn nettwo
    left=10.10.136.90
    leftsubnet=192.168.1.0/24
    right=10.10.136.10
    rightsubnet=192.168.0.0/24
    authby=secret
    esp=3des-md5
    pfs=yes
    auto=start

LsipsecTool Settings
===================
Local Side of the tunnel:
IPAddress: 10.10.136.44
Local Address/Network Mask : 192.168.0.0 / 255.255.255.0
Remote Side of the tunnel
---------------------------------------
VPN Gateway: 10.10.136.90
Remote Internal IP: 10.10.136.90
Private Address/Network Mask: 192.168.1.0 / 255.255.255.0
IPSec Options
---------------------
Authentication method : Pre-shared key (yogesh)
Proto/Encryption/Registry: ESP 3DES MD5
IKE Duration 3500 Secs. 50000 KBytes
Here also the connection got established, but the desired pings are not obtained even after adding a routing table entry using:
ROUTE ADD 192.168.1.0 MASK 255.255.255.0 10.10.136.90
I also tried setting up the Windows XP machine as a router (http://www.haxial.com/faq/routerconfig/winxp/), but then also I couldn't get the desired pings.
Can anybody help me with these queries:
A net-to-net VPN connection between Windows XP and Linux Openswan.
Why is it required to add a routing table entry for the Net-to-roadwarrior connection?
Why does Windows XP not add any virtual connection for IPsec (like ipsec0 in Linux) and the relevant routing table entries?