<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.18939">
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2 face=Arial>Hi I'm Paolo from Italy.</FONT></DIV>
<DIV><FONT size=2 face=Arial>I try to configure a VPN to one client of mine. I
use a Debian 6 server.</FONT></DIV>
<DIV>Here you are the details of my client's openswan
configuration:<BR><BR>FIREWALL HOST INFORMATION / GW PEER<BR>IP ADDRESS:
XXX.XXX.XXX.XXX<BR>Firewall: OpenSwan Server<BR><BR>IKE PARAMETERS<BR>Encryption
Scheme: IKE<BR>Encryption Algorithm: 3DES<BR>Hashing Algorithm: SHA1<BR>Diffie
Helman Groups: 2<BR>Renegotiate IKE SA every: 28800 secs<BR>Renegotiate IPSEC SA
every: 28800 secs<BR><BR>IPSEC PARAMETERS<BR>Authentication Algorithm:
ESP/SHA/HMAC-160<BR>IP Security Protocol: ESP<BR>Encapsulation Mode:
Tunnel<BR>Encryption Algorithm: 3DES<BR>Data Integrity: SHA1<BR><BR>BACK-END IPS
/ NETWORK TO TRUST<BR>Source: YY.YY.YY.YY/YY TCP/IP HTTP<BR></DIV>
<DIV><FONT size=2 face=Arial>I have changed</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV>/etc/ipsec.conf</DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV>I have added</DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV>plutodebug="all"</DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV>for having more logs. And I write my connection:</DIV>
<DIV><FONT size=2 face=Arial></FONT><FONT size=2 face=Arial></FONT><FONT size=2
face=Arial></FONT><FONT size=2 face=Arial></FONT><FONT size=2
face=Arial></FONT><BR>conn
vpn_test<BR>
type=tunnel<BR>
left=ZZZ.ZZZ.ZZZ.ZZZ<BR>
leftid=mineid<BR>
right=XXX.XXX.XXX.XXX<BR>
rightsubnet=YY.YY.YY.YY/YY<BR>
rightid=hisid<BR>
auto=start<BR>
ike=3des-sha1<BR>
esp=3des-sha1<BR>
keylife=8h<BR><BR>In</DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV>/etc/ipsec.secrets</DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV>I have added this line:</DIV>
<DIV><FONT size=2 face=Arial></FONT><FONT size=2 face=Arial></FONT><FONT size=2
face=Arial></FONT><FONT size=2 face=Arial></FONT><FONT size=2
face=Arial></FONT><BR>hisid mineid : PSK "secretkey"<BR><BR><FONT size=2
face=Arial>Afther that, I run ipsec with thuis command:</FONT></DIV><FONT size=2
face=Arial></FONT>
<DIV><FONT size=2 face=Arial></FONT><FONT size=2 face=Arial></FONT><FONT size=2
face=Arial></FONT><FONT size=2 face=Arial></FONT><FONT size=2
face=Arial></FONT><BR>ipsec setup --start<BR><BR>It gives me:</DIV>
<DIV><FONT size=2 face=Arial></FONT><FONT size=2 face=Arial></FONT><FONT size=2
face=Arial></FONT><BR>ipsec_setup: Starting Openswan IPsec
2.6.28...<BR>ipsec_setup: No KLIPS support found while requested, desperately
falling back to netkey<BR>ipsec_setup: NETKEY support found. Use
protostack=netkey in /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting
to continue with NETKEY<BR><BR><FONT size=2 face=Arial>Is it
normal?</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT><FONT size=2 face=Arial>Afther that I
write:</FONT></DIV><FONT size=2 face=Arial></FONT>
<DIV><FONT size=2 face=Arial></FONT><FONT size=2 face=Arial></FONT><FONT size=2
face=Arial></FONT><BR>ipsec auto --up vpn_telecom<BR><BR><FONT size=2
face=Arial>But this gives me nothing. The cursor is blocked and I see no echo on
the screen.</FONT></DIV>
<DIV><FONT size=2 face=Arial>What can I do wrong?</FONT></DIV>
<DIV><FONT size=2 face=Arial>Please help me.</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Paolo</FONT></DIV></BODY></HTML>