
<html>


<head>

<meta http-equiv=Content-Type content="text/html; charset=iso-8859-1">

<meta name=Generator content="Microsoft Word 11 (filtered medium)">

<!--[if !mso]>

<style>

v\:* {behavior:url(#default#VML);}

o\:* {behavior:url(#default#VML);}

w\:* {behavior:url(#default#VML);}

.shape {behavior:url(#default#VML);}

</style>

<![endif]-->


<!--[if !mso]>

<style>

st1\:*{behavior:url(#default#ieooui) }

</style>

<![endif]-->

<style>

<!--

 
 p.MsoNormal, li.MsoNormal, div.MsoNormal

        {margin:0cm;

        margin-bottom:.0001pt;

        font-size:12.0pt;

        font-family:"Times New Roman";}

a:link, span.MsoHyperlink

        {color:blue;

        text-decoration:underline;}

a:visited, span.MsoHyperlinkFollowed

        {color:purple;

        text-decoration:underline;}

span.EstiloCorreo17

        {mso-style-type:personal-compose;

        font-family:Arial;

        color:windowtext;}

@page Section1

        {size:595.3pt 841.9pt;

        margin:70.85pt 3.0cm 70.85pt 3.0cm;}

div.Section1

        {page:Section1;}

-->

</style>


</head>


<body link=blue vlink=purple>


<div class=Section1>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Hi, </span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>I have a problem implementing VPN tunnel Lan to Lan using

two host fedora 4, obviously i have installed openswan-2.4.4-1.rpm and

openswan-docs-2.4.4-1.rpm. This is my ipsec.conf:</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>NODE A</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>#########################################################</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Version 2.0       #conforms to second version of

ipsec.conf specification</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>#basic configuration</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Config setup</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> Interfaces=&#8221;ipsec0=eth0&#8221;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> Nat_traversal=yes</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>Conn</span></font><font size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'> sucursal</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> type=tunnel</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> left=[192.168.16.12</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> leftsubnet=192.168.20.0/24</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> right=192.168.16.13</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> rightsubnet=192.168.10.0/24</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> keyingtries=%forever</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> authby=secret</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> auto=start</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>include /etc/ipsec.d/examples/no_oe.conf</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>#########################################################</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>NODE B</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>#########################################################</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Version 2.0       #conforms to second version of

ipsec.conf specification</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>#basic configuration</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Config setup</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> Interfaces=&#8221;ipsec0=eth0&#8221;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> Nat_traversal=yes</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>Conn</span></font><font size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'> sucursal</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> type=tunnel</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> left=[192.168.16.13</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> leftsubnet=192.168.10.0/24</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> right=192.168.16.12</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> rightsubnet=192.168.20.0/24</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> keyingtries=%forever</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> authby=secret</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'> auto=start</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>include /etc/ipsec.d/examples/no_oe.conf</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>#########################################################</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Then </span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>I used ipsec ranbits 256 &gt; /etc/ipsec.secrets and

send this file by email from node A to node B, and put in /etc/ipsec.secrets</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>I used NAT in both nodes. </span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>But my vpn are not connected, when i exec, my linux

showme this:</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>#########################################################</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Cheking your system to see if IPsec got installed and

started correctly</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Version check and ipsec on-path                                   OK</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Checking for IPsec support in kernel                               OK</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Checking for RSA private key (/etc/ipsec.secrets)           OK</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Checking that Pluto is running                                        OK</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Two or more interfaces found, checking IP forwarding      OK</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Checking NAT and MASQUERADEing                           OK</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Checking for &#8216;ip&#8217; command                                            OK</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Checking for &#8216;setkey&#8217;command for NETKEY

IPsec stack support OK</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Oportunistic Encrytion Support                                      DISSABLED</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>##########################################################</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>And when i exec &#8220;service ipsec status&#8221;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;

font-family:Arial'>#############################</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>IPsec running    - pluto pid: 2836</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Pluto pid 2836</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>No tunnels up</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>############################</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>I was searching in the web and I was reading the

manual, but I didn&#8217;t found anything to helpme, I really appreciate if the

forum send some &#8220;tips&#8221; to review or maybe and the error in my

configuration. With this email I send you my network diagram.</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>I prefer if you send me an answer to my e-mail, and

then I promise do a resume to all the community.</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>Many thanks.</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:

10.0pt;font-family:Arial'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=3 face=Arial><span style='font-size:12.0pt;

font-family:Arial'>André Monroy Tenorio</span></font><font size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>&nbsp;<br>

Soporte </span></font><font size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>Técnico y</span></font><font size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>&nbsp;Redes&nbsp;<br>

Telf:4170700&nbsp;( 596 )</span></font><font face=Arial><span style='font-family:

Arial'><br>

</span></font><font size=2 face=Arial><span style='font-size:10.0pt;font-family:

Arial'>Nextel. 408*3459</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;

font-family:Arial'>Cel 93449199</span></font></p>


<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;

font-family:Arial'><img width=80 height=38 id="_x0000_i1025" src="cid:image001.gif@01C70898.D95EFA40"></span></font></p>


<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:

12.0pt'>&nbsp;</span></font></p>


<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:

12.0pt'>&nbsp;</span></font></p>


</div>


</body>


</html>