<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7638.1">
<TITLE>RE: [Openswan Users] Ipsec auto --up {tunnelname} hangs</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->
<P><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial">> end up sharing a phase1 if you connect both tunnels to the same IP</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial">> addresses on each end. Which might be part of your problem?</FONT></SPAN>
</P>
<P><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial">I just saw this after I sent my other long-winded email. The IP Addresses on the LAN side are different</FONT><FONT SIZE=2 FACE="Arial"> but the Internet side is the same for both</FONT><FONT SIZE=2 FACE="Arial">. Here are relevant portions of the conn definitions. </FONT></SPAN></P>
<P><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"># basic configuration</FONT></SPAN>
</P>
<P><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial">conn JanesvilleCheetah-Everywhere</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> type=tunnel</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> #</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> # Left security gateway, subnet behind it, next hop toward right.</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> #</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> also=janesvillecheetah</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> leftupdown=/etc/ipsec.d/janesville.cheetah-updown.sh</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> #</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> # Right security gateway, subnet behind it, next hop toward left.</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> #</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> also=hq</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> auto=start</FONT></SPAN>
</P>
<P><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial">conn JanesvillePNT-Everywhere</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> type=tunnel</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> #</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> # Left security gateway, subnet behind it, next hop toward right.</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> #</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> also=janesvillepnt</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> leftupdown=/etc/ipsec.d/janesville.pnt-updown.sh</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> #</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> # Right security gateway, subnet behind it, next hop toward left.</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> #</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> also=hq</FONT></SPAN>
<BR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial"> auto=ignore</FONT></SPAN>
</P>
<P><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial">conn janesvillecheetah</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">left=nnn.mmm.79.74</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">leftnexthop=nnn.mmm.79.78</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">leftsubnet=172.21.2.0/24</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">leftsourceip=172.21.2.1</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">leftid=@janesvillecheetah.local</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial"># RSA 2192 bits Janesville-fw Wed Apr 30 11:17:40 2008</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">leftrsasigkey=0sAQPXn8RAob3n5...</FONT></SPAN>
</P>
<P><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial">conn janesvillepnt</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">left=nnn.mmm.79.74</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">leftnexthop=nnn.mmm.79.78</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">leftsubnet=172.20.2.0/24</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">leftsourceip=172.20.2.254</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">leftid=@janesvillepnt.local</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial"># RSA 2192 bits Janesville-fw Wed Apr 30 11:17:40 2008</FONT></SPAN>
<BR><SPAN LANG="en-us"> <FONT SIZE=2 FACE="Arial">leftrsasigkey=0sAQPXn8RAob3n5...</FONT></SPAN>
</P>
</BODY>
</HTML>