<font class="Apple-style-span" face="verdana, sans-serif">Hello list;</font><div><font class="Apple-style-span" face="verdana, sans-serif"><br></font></div><div><font class="Apple-style-span" face="verdana, sans-serif">I am not able to setup a tunnel between Openswan and Cisco VPN 3000 Series with these options:</font></div>
<div><br></div><div><div><font class="Apple-style-span" face="'courier new', monospace"><b>PHASE1 (ISAKMP)</b></font></div><div><font class="Apple-style-span" face="'courier new', monospace">Encryption algorithm : AES256</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace">Hash algorithm : Secure Hash Standard</font></div><div><font class="Apple-style-span" face="'courier new', monospace">Authentication method : Pre-Shared Key</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace">Diffie-Hellman group : #2 (1024 bit)</font></div><div><font class="Apple-style-span" face="'courier new', monospace">Lifetime : 86400 seconds, no volume limit</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"><div><b>PHASE2 (IPSEC)</b></div><div>Encryption algorithm : AES256</div>
<div>Hash algorithm : Secure Hash Standard</div><div>Security association lifetime : 3600 seconds</div><div>PFS : No</div></font></div><div><br></div><div><div><font class="Apple-style-span" face="'courier new', monospace">debian:~# <b>ipsec barf</b> -> <b><a href="http://codepad.org/p8LgcEr4">http://codepad.org/p8LgcEr4</a></b></font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="verdana, sans-serif">My <b><font class="Apple-style-span" face="'courier new', monospace">leftsubnet </font></b>is on the same machine (server with openswan) as virtual interface (eth0:1), and I am not sure if this is really possible to setup ?!</font></div>
<div><font class="Apple-style-span" face="verdana, sans-serif"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace">eth0:1 ===eth0 ---xx.xxx.68.241...yy.yyy.112.1===yy.yyy.112.0/24</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"><a href="http://172.16.26.0/24===xx.xxx.68.246---xx.xxx.68.241...yy.yyy.112.1===yy.yyy.112.0/24">172.16.26.0/24===xx.xxx.68.246---xx.xxx.68.241...yy.yyy.112.1===yy.yyy.112.0/24</a></font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace">Any advice?</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br>
</font></div><div><font class="Apple-style-span" face="'courier new', monospace">--</font></div><div><font class="Apple-style-span" face="'courier new', monospace">haver</font></div></div></div>