<br><br><div><span class="gmail_quote">On 4/17/07, <b class="gmail_sendername">TESTVPN R119LNXADM</b> <<a href="mailto:testvpn.r119lnxadm@googlemail.com">testvpn.r119lnxadm@googlemail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<span style="text-decoration: underline;"><span style="text-decoration: underline;">I</span>psec.conf</span><br>
<br>
conn net-to-net<br>
left=<a href="http://172.16.12.33" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">172.16.12.33</a>
# Public Internet IP address of the<br>
# LEFT VPN device<br>
leftsubnet= <a href="http://255.255.255.0/24" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.0/24</a> # Subnet protected by the LEFT VPN device<br>
leftid=@bbsvarel.local
# FQDN of Public Internet IP address of the<br>
# LEFT VPN device with an "@"<br>
leftrsasigkey=0sAQPIo+CSrWZVWD/aFtRpl8Hbh6yWjEEkgHvZu8ORZuohxfOPAeVOpOSOUB2SIKE0tnNuwlaP8zPqVyvxPUncjjtDJFI6sBmicXTJiDnadUJp8onwm1kxKS6olRM+b4iFaiqr//ciZBygrysnG1sbYJce15gpXmecnbRFYqTQRdI8XFvL40SaNQwtdcOB3pIQqV4OF47unoUkHquL6Sh2ZQYOoqgtaP7++ozOJ6KTc1+J/xVeksRAH0LN+rZ0CsbUGqVabZk+/5QP5/s2uBBDdfFsnV/KX4q337xOptdYc1UcNGAFWkL6dAunoPKdik5zEx9NVZ0x5bv5bry3ANHMkOQgSYgE70M/Mh52zR5uMFEQhBRz
<br>
leftnexthop=%defaultroute # correct in many situations<br>
right=<a href="http://172.16.12.35" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">172.16.12.35</a>
# Public Internet IP address of<br>
# the RIGHT VPN device<br>
rightsubnet=<a href="http://255.255.255.0/24" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.0/24</a> # Subnet protected by the RIGHT VPN device<br>
rightid=@bbsvarel.local
# FQDN of Public Internet IP address of the<br>
# RIGHT VPN device with an "@"<br>
rightrsasigkey=0sAQNxn7BLbjR56T666AjKY/rVr371HVunTJ/yDDafi0gRkg98gzeUXYTKpJyfZwfX/WzUP/C23nMPZpQWOYuFZNC5uPNLho/7VYU1TG2Rma5XqzZOp6XdhNkRviZp8C4DvbHrtGJIuAs6nItcpPLgcovZ3/y3KPxidfnlrckYlO4owUnbxRinyBHK2XylTVjYUx4w11/dJleM7GImiOZWIVu0SokyFhH4FyJ8wOoKrrP+mf90aWq9JVOXP4x+TQhpAxERG5qSZpSMUthB0Hr9gSfy1hk2NhbfRG+EUV5vI0oie0bBAvkfuWjbe370Zu/In1H6ETCi8+EezUndvoBRwESjV4LcnOtMMeDaPCqwsu0OXscz
<br>
rightnexthop=%defaultroute # correct in many situations<br>
auto=start
# authorizes and starts this connection<br>
# on booting<br>
<br>
<br>
<span style="text-decoration: underline;">Ipsec verify</span><br>
<br>
Checking your system to see if IPsec got installed and started correctly:<br>
Version check and ipsec
on-path
[OK]<br>
Linux Openswan U2.2.0/K2.6.8-2-386 (native)<br>
Checking for IPsec support in
kernel
[OK]<br>
Checking for RSA private key
(/etc/ipsec.secrets)
[OK]<br>
Checking that pluto is
running
[OK]<br>
Two or more interfaces found, checking IP
forwarding
[OK]<br>
Checking NAT and
MASQUERADEing
[N/A]<br>
Checking for 'ip'
command
[OK]<br>
Checking for 'iptables'
command
[OK]<br>
Checking for 'setkey' command for native IPsec stack
support
[OK]<br>
<br>
Opportunistic Encryption DNS checks:<br>
Looking for TXT in forward dns zone:
r119-lnx-e03
[MISSING]<br>
<a href="http://172.16.0.1" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">172.16.0.1</a> connect: Resource temporarily unavailable<br>
<a href="http://172.16.0.1" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">172.16.0.1</a> connect: Resource temporarily unavailable<br>
r119-lnx-e03.bbsvarel.local TXT record not found, try again<br>
Does the machine have at least one non-private
address?
[FAILED]<br>
<br>
<span style="text-decoration: underline;"><span style="text-decoration: underline;">T</span>rying to get the connection running</span><br>
<br>
r119-lnx-e03:~# ipsec auto --up net-to-net<br>
<br>
022 "net-to-net": We cannot identify ourselves with either end of this connection.<br>
<br>
I'am really getting fed up with openswan at the moment. Probably my thing.<br>
<br>
Thanks in advance,<br>
<br>
Tjeard<br>
<br>
</blockquote></div><br>