<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
--></style>
</head>
<body class='hmmessage'>
Vladimir ,<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Which version of openswan are you using in this setup ? Please copy the complete ipsec.conf file , ipsec.secrets file , the output of "ipsec verify" command and output from "ip a" command from both vpn concentrators.<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Thanks .<br><br><span style="font-family: Tahoma,Helvetica,Sans-Serif; font-style: italic; font-weight: bold;">-<span style="font-family: Times New Roman,Times,Serif;"> Simon Charles - </span></span><br><br><br><br><br>&gt; Date: Sat, 3 Oct 2009 13:29:04 +0200<br>&gt; From: mozillaner@gmail.com<br>&gt; To: users@openswan.org<br>&gt; Subject: [Openswan Users] IPSec Host to Host over Internet Tunnel        Configuration<br>&gt; <br>&gt; Dear OpenSwan Users,<br>&gt; <br>&gt; I'm trying for some time to establish an OpenSwan tunnel connection<br>&gt; between two hosts over the Internet, but unfortunately until now<br>&gt; without success.<br>&gt; <br>&gt; This is a test setup for a university project and the configuration is<br>&gt; as follows:<br>&gt; <br>&gt; # Host_1 # ------------ ######### PC with two NIC's ##########<br>&gt; ----------- INTERNET -----------  # Host_2 #<br>&gt; 192.168.1.3                192.168.1.2                130.83.239.102                                        130.83.239.101<br>&gt; <br>&gt; <br>&gt; The router function on the PC is activated. The secure tunnel<br>&gt; connection must be established between the Host_1 in a private network<br>&gt; and Host_2 on the Internet.<br>&gt; <br>&gt; The ipsec.conf files are as follows:<br>&gt; <br>&gt; #Host_1 ipsec.conf<br>&gt; conn Host_1_to_Host_2<br>&gt;       left=192.168.1.3<br>&gt;       leftnexthop=192.168.1.2<br>&gt;       right=130.83.239.101<br>&gt;       presharedkey=secret<br>&gt;       network=lan<br>&gt;       auto=start<br>&gt;       authmode=SHA1<br>&gt;       pfs=yes<br>&gt;       type=tunnel<br>&gt; <br>&gt; #Host_2 ipsec.conf<br>&gt; conn Host_2_to_Host_1<br>&gt;       left=130.83.239.101<br>&gt;       right=192.168.1.3<br>&gt;       rightnexthop=130.83.239.102<br>&gt;       presharedkey=secret<br>&gt;       network=lan<br>&gt;       auto=start<br>&gt;       authmode=SHA1<br>&gt;       pfs=yes<br>&gt;       type=tunnel<br>&gt; <br>&gt; If I try to ping the Host_2 from Host_1 I'll get always the message<br>&gt; "IP security is being negotiated". The ping from Host_2 to Host_1<br>&gt; fails with "Request timed out.".<br>&gt; <br>&gt; Are the config files correct?<br>&gt; <br>&gt; What is wrong in my configuration above?<br>&gt; <br>&gt; Thanks,<br>&gt; Vladimir<br>&gt; _______________________________________________<br>&gt; Users@openswan.org<br>&gt; http://lists.openswan.org/mailman/listinfo/users<br>&gt; Building and Integrating Virtual Private Networks with Openswan: <br>&gt; http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155<br>                                               </body>
</html>