I'm trying to connect a laptop to a network. Here's where I am:<br>
<br>
conn road<br>
right=<a href="http://206.180.155.86"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "206.180.155.86" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 206.180.155.86</a> # Dad's
information<br>
rightsubnet=<a href="http://192.168.37.0/24"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "192.168.37.0" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 192.168.37.0/24</a> # Dad's
network <br>
rightid=@<a href="http://gnapold.naparst.com">gnapold.naparst.com</a> #
Dad's information<br>
rightrsasigkey=0sAQOCOvabV...<br>
left=%defaultroute
# Picks up our dynamic IP<br>
leftid=@<a href="http://emigration.naparst.com">emigration.naparst.com</a> #<br>
<br>
The file is the same on the host's gateway, which is <a href="http://192.168.37.2"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "192.168.37.2" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 192.168.37.2</a>.<br>
The router, <a href="http://192.168.37.1"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "192.168.37.1" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 192.168.37.1</a> has ports 500 and 4500 forwarded to <a href="http://192.168.37.2"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "192.168.37.2" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 192.168.37.2</a>,<br>
which as I said is the computer running openswan.<br>
<br>
ipsec verify<br>
Checking your system to see if IPsec got installed and started correctly:<br>
Version check and ipsec
on-path
[OK]<br>
Linux Openswan U2.3.1/K2.6.12-gentoo-r6 (netkey)<br>
Checking for IPsec support in
kernel
[OK]<br>
Checking for RSA private key (/etc/ipsec/ipsec.secrets) [OK]<br>
Checking that pluto is
running
[OK]<br>
Two or more interfaces found, checking IP forwarding [OK]<br>
Checking NAT and
MASQUERADEing
[OK]<br>
Checking for 'ip'
command
[OK]<br>
Checking for 'iptables'
command
[OK]<br>
Checking for 'setkey' command for NETKEY IPsec stack support [OK]<br>
<br>
Opportunistic Encryption DNS checks:<br>
Looking for TXT in forward dns zone:
emigration
[MISSING]<br>
Does the machine have at least one non-private address? [OK]<br>
Looking for TXT in reverse dns zone: 124.227.132.64.in-addr.arpa. [MISSING]<br>
<br>
That looks OK. And I think the tunnel looks OK...<br>
<br>
ipsec auto --status<br>
000 interface lo/lo <a href="http://127.0.0.1"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "127.0.0.1" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 127.0.0.1</a><br>
000 interface lo/lo <a href="http://127.0.0.1"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "127.0.0.1" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 127.0.0.1</a><br>
000 interface eth0/eth0 <a href="http://64.132.227.124"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "64.132.227.124" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 64.132.227.124</a><br>
000 interface eth0/eth0 <a href="http://64.132.227.124"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "64.132.227.124" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 64.132.227.124</a><br>
000 %myid = (none)<br>
000 debug none<br>
000 <br>
000 algorithm ESP encrypt: id=2, name=ESP_DES, ivlen=8, keysizemin=64, keysizema<br>
x=64<br>
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=8, keysizemin=192, keysize<br>
max=192<br>
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128,<br>
keysizemax=128<br>
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160<br>
, keysizemax=160<br>
000 <br>
000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=12<br>
8<br>
000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=19<br>
2<br>
000 algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20<br>
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16<br>
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024<br>
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536<br>
000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048<br>
000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072<br>
000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096<br>
000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144<br>
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192<br>
000 <br>
000 stats db_ops.c: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} <br>
attrs={0,0,0} <br>
000 <br>
000 "road": 64.132.227.124[@<a href="http://emigration.naparst.com">emigration.naparst.com</a>]---64.132.227.126...206.180.1<br>
55.86[@<a href="http://gnapold.naparst.com">gnapold.naparst.com</a>]===<a href="http://192.168.37.0/24"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "192.168.37.0" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 192.168.37.0/24</a>; unrouted; eroute owner: #0<br>
000 "road": srcip=unset; dstip=unset<br>
000 "road": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuz<br>
z: 100%; keyingtries: 0<br>
000 "road": policy: RSASIG+ENCRYPT+TUNNEL+PFS; prio: 32,24; interface: eth0; <br>
000 "road": newest ISAKMP SA: #0; newest IPsec SA: #0; <br>
000 <br>
000 <br>
<br>
However, when I try to ping the router, I get nothing.<br>
<br>
# ping <a href="http://192.168.37.1"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "192.168.37.1" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 192.168.37.1</a><br>
PING <a href="http://192.168.37.1"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "192.168.37.1" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 192.168.37.1</a> (<a href="http://192.168.37.1"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "192.168.37.1" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 192.168.37.1</a>) 56(84) bytes of data.<br>
<br>
--- <a href="http://192.168.37.1"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "192.168.37.1" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 192.168.37.1</a> ping statistics ---<br>
10 packets transmitted, 0 received, 100% packet loss, time 8999ms<br>
<br>
Interestingly, when I try to ping microsoft, I also get nothing:<br>
<br>
ping <a href="http://www.microsoft.com">www.microsoft.com</a><br>
PING <a href="http://lb1.www.ms.akadns.net">lb1.www.ms.akadns.net</a> (<a href="http://207.46.199.30"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "207.46.199.30" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 207.46.199.30</a>) 56(84) bytes of data.<br>
--- <a href="http://lb1.www.ms.akadns.net">lb1.www.ms.akadns.net</a> ping statistics ---<br>
16 packets transmitted, 0 received, 100% packet loss, time 15000ms<br>
<br>
However, when I ping the router's public IP address, that works:<br>
<br>
ping <a href="http://naparst.homelinux.com">naparst.homelinux.com</a><br>
PING <a href="http://naparst.homelinux.com">naparst.homelinux.com</a> (<a href="http://206.180.155.86"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "206.180.155.86" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 206.180.155.86</a>) 56(84) bytes of data.<br>
64 bytes from <a href="http://206.180.155.86.adsl.hal-pc.org">206.180.155.86.adsl.hal-pc.org</a> (<a href="http://206.180.155.86"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "206.180.155.86" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 206.180.155.86</a>): icmp_seq=1 ttl=53 time=44.8 ms<br>
64 bytes from <a href="http://206.180.155.86.adsl.hal-pc.org">206.180.155.86.adsl.hal-pc.org</a> (<a href="http://206.180.155.86"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "206.180.155.86" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 206.180.155.86</a>): icmp_seq=2 ttl=53 time=71.6 ms<br>
64 bytes from <a href="http://206.180.155.86.adsl.hal-pc.org">206.180.155.86.adsl.hal-pc.org</a> (<a href="http://206.180.155.86"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "206.180.155.86" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 206.180.155.86</a>): icmp_seq=3 ttl=53 time=61.2 ms<br>
<br>
I'm lost.<br>
<br>
Harold<br>