<div>Hello!</div><div><br></div><div>I can't setup VPN </div><div> Windows 7 client
192.168.1.38
<--> Linux sever Openswan 192.168.1.15 </div><div><br></div><div>I think that VPN is established.</div><div>But I can't access Linux server from Windows 7 client.</div><div>I setup VPN on Win7 in "ip security policies on local computer"</div>
<div>Windows's firewall is turned off.</div><div><br></div><div>Can somebody help me?</div><div>Thank you</div><div><br></div><div><br></div><div>>ipsec --version<br></div><div>Linux Openswan U2.6.37/K(no kernel code presently loaded)<br>
</div><div><br></div><div>/var/log/secure: </div><div>Feb 8 14:04:40 linux pluto[836]: "lnx-win" #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}<br>
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #1: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>Feb 8 14:04:40 linux pluto[836]: "lnx-win" #1: the peer proposed: <a href="http://192.168.1.15/32:0/0">192.168.1.15/32:0/0</a> -> <a href="http://192.168.1.38/32:0/0">192.168.1.38/32:0/0</a><br>
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #1: NAT-Traversal: received 2 NAT-OA. using first, ignoring others<br>Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: responding to Quick Mode proposal {msgid:01000000}<br>
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: us: 192.168.1.15<192.168.1.15>[+S=C]<br>Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: them: 192.168.1.38<192.168.1.38>[+S=C]<br>Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1<br>
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2<br>Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: Dead Peer Detection (RFC 3706): not enabled because peer did not advertise it<br>
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2<br>Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP/NAT=>0x89c5ef96 <0x3d6e53aa xfrm=3DES_0-HMAC_SHA1 NATOA=192.168.1.38 NATD=<a href="http://192.168.1.38:4500">192.168.1.38:4500</a> DPD=none}<br>
</div><div><br></div><div>/etc/ipsec.conf:<br><br>version 2.0 # conforms to second version of ipsec.conf specification<br><br># basic configuration<br>config setup<br>interfaces="ipsec0=eth0" <br> protostack=klips<br>
nat_traversal=yes<br> virtual_private=<br>oe=off <br> nhelpers=0<br></div><div><br></div><div>conn lnx-win <br>type=tunnel<br>auto=add<br>pfs=yes<br>right=192.168.1.38<br>left=192.168.1.15 <br>
auth=esp<br>authby=secret<br>forceencaps=yes<br>esp=3des-sha1-96<br>rekey=no<br>dpdaction=clear<br>dpddelay=30<br>dpdtimeout=30</div>