[Openswan Users] Can't get the road warrior example to work.
Paul Wouters
paul at xelerance.com
Wed Dec 16 15:19:30 EST 2009
On Wed, 16 Dec 2009, Michael Rychlik wrote:
> My ipsec.conf looks like this:
>
> On the road warrior in an office:
>
> conn road
> left=%defaultroute # Picks up our dynamic IP
> leftid=@rsm-1.rsm.fi # Local information
> leftrsasigkey=0sAQOA59S41zh.....
> right=194.79.19.179 # Remote information
> rightid=@fits-server.rsm.fi #
> rightrsasigkey=0sAQOdTUwfyxm.....
> auto=add # authorizes but doesn't start this
> # connection at startup
>
> On my server at the hosting provider:
>
> conn road
> left=194.79.19.179 # Gateway's information
> leftid=@fits-server.rsm.fi #
> leftrsasigkey=0sAQOdTUwf............
> right=%any # Wildcard: we don't know the laptop's IP
> rightid=@rsm-1.rsm.fi #
> rightnexthop=%defaultroute # correct in many situations
> rightrsasigkey=0sAQOA59........
add: rightsubnet=vhost:%priv,%no as the logs below show you are coming from behind NAT.
This also requires config setup to have nat_traversal=yes and a valid virtual_private=
line.
> cannot respond to IPsec SA request because no connection is known for
> 194.79.19.179[@fits-server.rsm.fi]...62.237.208.66[@rsm-1.rsm.fi]===10.65.1.181/32
Paul
More information about the Users
mailing list