<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=GB2312" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#ffffff">
Hi,<br>
<br>
At the left end put leftsourceip=192.168.123.x and at the right end
put rightsourceip=192.168.122.1. You can put both leftsourceip and
rightsourceip at each end if you want.<br>
<br>
Nick<br>
<br>
On 17/03/2011 10:05, jia Ma wrote:
<blockquote cite="mid:BLU159-w15376368748B6F261633628AB10@phx.gbl"
type="cite">
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
Hi,<br>
<br>
I configured a net-to-net vpn with openswan, the configurations as
follows:<br>
<br>
conn net-to-net<br>
connaddrfamily=ipv4<br>
authby=secret<br>
left=10.226.9.2<br>
leftnexthop=%defaultroute<br>
leftsubnet=192.168.123.0/24<br>
right=10.226.9.215<br>
rightnexthop=%defaultroute<br>
rightsubnet=192.168.122.0/24<br>
esp=3des-sha1<br>
keyexchange=ike<br>
ike=3des-sha1<br>
pfs=no<br>
auto=add<br>
<br>
It showed I can set the net-to-net v pn successfully, but when I
couldn't reach 192.168.122.1 on the left endpoint, could you help
me with this? Thanks!<br>
<br>
104 "net-to-net" #1: STATE_MAIN_I1: initiate<br>
003 "net-to-net" #1: received Vendor ID payload [Openswan (this
version) 2.6.24 ]<br>
003 "net-to-net" #1: received Vendor ID payload [Dead Peer
Detection]<br>
106 "net-to-net" #1: STATE_MAIN_I2: sent MI2, expecting MR2<br>
108 "net-to-net" #1: STATE_MAIN_I3: sent MI3, expecting MR3<br>
003 "net-to-net" #1: received Vendor ID payload [CAN-IKEv2]<br>
004 "net-to-net" #1: STATE_MAIN_I4: ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192
prf=oakley_sha group=modp1536}<br>
117 "net-to-net" #2: STATE_QUICK_I1: initiate<br>
004 "net-to-net" #2: STATE_QUICK_I2: sent QI2, IPsec SA
established tunnel mode {ESP=>0x1af874bc <0x2f3ee9b4
xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none DPD=none}<br>
<pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
<a class="moz-txt-link-abbreviated" href="mailto:Users@openswan.org">Users@openswan.org</a>
<a class="moz-txt-link-freetext" href="http://lists.openswan.org/mailman/listinfo/users">http://lists.openswan.org/mailman/listinfo/users</a>
Micropayments: <a class="moz-txt-link-freetext" href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a>
Building and Integrating Virtual Private Networks with Openswan:
<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
</pre>
</blockquote>
</body>
</html>