<table cellspacing="0" cellpadding="0" border="0" ><tr><td valign="top" style="font: inherit;"><DIV>Hello,</DIV>
<DIV>&nbsp;</DIV>
<DIV>I'm running 2 servers in different locations, Centos 5.2 with openswan-2.6.14-1.</DIV>
<DIV>&nbsp;</DIV>
<DIV>I setup the configuration for IPSEC between the 2 servers and that works fine. The configuration to connect also the subnet is not working.</DIV>
<DIV>&nbsp;</DIV>
<DIV>The /etc/ipsec.conf file has the following config:</DIV>
<DIV>&nbsp;</DIV>
<DIV># /etc/ipsec.conf - Openswan IPsec configuration file<BR>#<BR># Manual:&nbsp;&nbsp;&nbsp;&nbsp; ipsec.conf.5<BR>#<BR># Please place your own config files in /etc/ipsec.d/ ending in .conf</DIV>
<DIV>version 2.0&nbsp;&nbsp;&nbsp;&nbsp; # conforms to second version of ipsec.conf specification</DIV>
<DIV># basic configuration<BR>config setup<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; interfaces=%defaultroute<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # Debug-logging controls:&nbsp; "none" for (almost) none, "all" for lots.<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # klipsdebug=none<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # plutodebug="control parsing"<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; protostack=netkey<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; nat_traversal=yes<BR>include /etc/ipsec.d/*.conf<BR></DIV>
<DIV>The connection configuration file:</DIV>
<DIV>&nbsp;</DIV>
<DIV>conn&nbsp;test<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; type=tunnel<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; right=right-public-ip<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; rightsubnet=10.0.0.0/24<BR>#&nbsp;&nbsp;&nbsp;&nbsp; rightrsasigkey=0sAQNe0OynsdPx/DXDJJTP4IOAVQPprpp5VBbm+iIRBNeCQKzFzn8Z/BVZhWV5g6AgGepqK9ldFHAg6A0X6eT5atZOKsS2r1gLtExKcE++zuiTBIbTA6hbVTOBasDuZ/GU2TVRoBf9VmuunOFctGoL79b0Z1w8hS6KJDyt7Gp5nEK+fP9qQeqloxiw7b+hZBu96ZF6kYocF2MrpNCqbwJm8XBl8YGQSYP8tjBmAzO4quJW5MkKoB+olGpKcEoI+NQW2gh3rpim/9y5w6B68aAngAQpgFpXaZLl9azbm4PijSbROsue095I6vDukj<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; left=my-public-ip<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; leftsubnet=10.18.1.0/28<BR>#&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 leftrsasigkey=0sAQN6fKakRwgQb3ciBP868KRMlMDBCeub8oxgdwXyJw2hrGHzk13krtkjj32TRh/AeITCNIIUIaJe5mEE2TC3K4cnr8gQgi4GoYNutVFMdNz4ydelJTTUw0wowwGN1OkcsW1YCrwJIKlzV0ciHbVLDHkrwWZMn2UXCRDcp+uYBCDG/hMXf5WYKuM7IrbQVR1V6SSiZbgOIoNC6PaxoZTyhoMplwwGbFpDIkPamUBiXXFEHgDv/pUfRs6ZcqQtflBFB0xtBkUp7dZ4giAj44jjkHBmLezRtPO8UKbSyTP7135WAdtjkVBNIc7h<BR><BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; esp=3des<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; authby=secret<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; keyexchange=ike<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; pfs=no<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto=start<BR></DIV>
<DIV>&nbsp;</DIV>
<DIV>As you can see, I tryed using RSA and also PSK key.</DIV>
<DIV>If I'm comenting the leftsubnet and rightsubnet&nbsp;everything works fine. But I'm not able to connect the subnets.</DIV>
<DIV>&nbsp;</DIV>
<DIV>Any help?</DIV>
<DIV>&nbsp;</DIV>
<DIV>Respectfully,</DIV>
<DIV>Rudolf Barkoczi</DIV></td></tr></table><br>