<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2802" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2>Hi to all, </FONT></DIV>
<DIV><FONT size=2>I'm trying to configure a net-to-net connection with
Openswan.</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>My network configuration is:</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>Side 1</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>10.0.0.0/24 (local subnet) --> GW1 (192.168.1.4) -->
(192.168.1.1) ROUTER (PUBLIC IP)--> internet</FONT></DIV>
<DIV><FONT size=2> </FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>Side 2</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>10.0.2.0/26 (local subnet) --> GW2 (192.168.1.2) -->
(192.168.1.1) ROUTER (PUBLIC IP) --> internet</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>The two routers do NAT from the public IP to GW1's or GW2's eth0
(192.168.1.4 for GW1 and 192.168.1.2 for GW2)</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>GW1 configuration</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>version 2.0</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>config setup<BR>
nat_traversal=yes<BR>
interfaces="ipsec0=eth0"<BR>
plutodebug="all"</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>conn vpn</FONT></DIV>
<DIV><FONT size=2>
left=192.168.1.4<BR>
leftsubnet=10.0.0.0/24<BR>
leftnexthop=192.168.1.1<BR>
right=192.168.1.2<BR>
rightsubnet=10.0.2.0/26<BR>
rightnexthop=PUBLICIP_GW2<BR>
authby=secret<BR>
auto=start</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>include /etc/ipsec.d/examples/no_oe.conf<BR></FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>GW2 configuration</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV>
<DIV><FONT size=2>version 2.0</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>config setup<BR>
nat_traversal=yes<BR>
interfaces="ipsec0=eth0"<BR>
plutodebug="all"</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV></DIV>
<DIV><FONT size=2>conn vpn<BR>
left=192.168.1.2<BR>
leftsubnet=10.0.2.0/26<BR>
leftnexthop=192.168.1.1<BR>
right=192.168.1.4<BR>
rightsubnet=10.0.0.0/24<BR>
rightnexthop=PUBLICIP_GW1<BR>
auto=start<BR>
authby=secret<BR></FONT></DIV>
<DIV><FONT size=2>include /etc/ipsec.d/examples/no_oe.conf</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>IPSEC BARF gives me this error: </FONT></DIV>
<DIV><FONT size=2>"#1: ERROR: asynchronous network error report on eth0
(sport=500) for message to 192.168.1.4 port 500, complainant
192.168.1.2: No route to host [errno 113, origin ICMP type 3 code 1 (not
authenticated)]"</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>What can I do ?</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>Thanks</DIV>
<DIV><BR></DIV></FONT></BODY></HTML>