<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">Hi,<br>
      <br>
      Pinging didn't work. I contacted the VPN provider (left side) and
      after some diagnostics we found an error in their configuration.
      It works perfectly now.<br>
      Thank you very much, Nick, as i learned a lot of valuable things
      with your assistance and guidance.<br>
      <br>
      El 04/05/15 a las 21:13, Nick Howitt escribió:<br>
    </div>
    <blockquote cite="mid:5547C4CB.8090305@howitts.co.uk" type="cite">
      <meta content="text/html; charset=windows-1252"
        http-equiv="Content-Type">
      First try pinging the LAN IP of their gateway (192.168.30.1?). If
      that works, then try a traceroute to 192.168.30.25<br>
      <br>
      <div class="moz-cite-prefix">On 04/05/2015 18:53, Roi Rodríguez
        wrote:<br>
      </div>
      <blockquote cite="mid:5547B233.2070408@qubitia.com" type="cite">
        <meta content="text/html; charset=windows-1252"
          http-equiv="Content-Type">
        <div class="moz-cite-prefix">Ok, i used tcpdump when pinging
          192.168.30.23 (in their private network) and i see esp packets
          going on... Does this mean everything is ok and the problem is
          on their side?<br>
          <br>
          <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
            href="mailto:root@ubuntu:/etc/ipsec.d#">root@ubuntu:/etc/ipsec.d#</a>
          ping 192.168.30.23 &<br>
          [1] 6312<br>
          <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
            href="mailto:root@ubuntu:/etc/ipsec.d#">root@ubuntu:/etc/ipsec.d#</a>
          PING 192.168.30.23 (192.168.30.23) 56(84) bytes of data.<br>
          <br>
          <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
            href="mailto:root@ubuntu:/etc/ipsec.d#">root@ubuntu:/etc/ipsec.d#</a>
          tcpdump -i eth0 -v -n -p udp port 500 or udp port 4500<br>
          tcpdump: listening on eth0, link-type EN10MB (Ethernet),
          capture size 65535 bytes<br>
          19:53:16.183452 IP (tos 0x0, ttl 64, id 59809, offset 0, flags
          [DF], proto UDP (17), length 144)<br>
              192.168.0.6.4500 > 198.202.190.103.4500: UDP-encap:
          ESP(spi=0xef2410db,seq=0x1f), length 116<br>
          19:53:17.183389 IP (tos 0x0, ttl 64, id 59810, offset 0, flags
          [DF], proto UDP (17), length 144)<br>
              192.168.0.6.4500 > 198.202.190.103.4500: UDP-encap:
          ESP(spi=0xef2410db,seq=0x20), length 116<br>
          19:53:18.183410 IP (tos 0x0, ttl 64, id 59811, offset 0, flags
          [DF], proto UDP (17), length 144)<br>
              192.168.0.6.4500 > 198.202.190.103.4500: UDP-encap:
          ESP(spi=0xef2410db,seq=0x21), length 116<br>
          19:53:19.183381 IP (tos 0x0, ttl 64, id 59812, offset 0, flags
          [DF], proto UDP (17), length 144)<br>
              192.168.0.6.4500 > 198.202.190.103.4500: UDP-encap:
          ESP(spi=0xef2410db,seq=0x22), length 116<br>
          19:53:20.183370 IP (tos 0x0, ttl 64, id 59813, offset 0, flags
          [DF], proto UDP (17), length 144)<br>
              192.168.0.6.4500 > 198.202.190.103.4500: UDP-encap:
          ESP(spi=0xef2410db,seq=0x23), length 116<br>
          19:53:21.183437 IP (tos 0x0, ttl 64, id 59814, offset 0, flags
          [DF], proto UDP (17), length 144)<br>
              192.168.0.6.4500 > 198.202.190.103.4500: UDP-encap:
          ESP(spi=0xef2410db,seq=0x24), length 116<br>
          19:53:22.183272 IP (tos 0x0, ttl 64, id 59815, offset 0, flags
          [DF], proto UDP (17), length 144)<br>
              192.168.0.6.4500 > 198.202.190.103.4500: UDP-encap:
          ESP(spi=0xef2410db,seq=0x25), length 116<br>
          19:53:22.728983 IP (tos 0x0, ttl 48, id 28206, offset 0, flags
          [DF], proto UDP (17), length 29)<br>
              198.202.190.103.4500 > 192.168.0.6.4500:
          isakmp-nat-keep-alive<br>
          19:53:23.183382 IP (tos 0x0, ttl 64, id 59816, offset 0, flags
          [DF], proto UDP (17), length 144)<br>
              192.168.0.6.4500 > 198.202.190.103.4500: UDP-encap:
          ESP(spi=0xef2410db,seq=0x26), length 116<br>
          19:53:23.506262 IP (tos 0x0, ttl 64, id 38249, offset 0, flags
          [DF], proto UDP (17), length 29)<br>
              192.168.0.6.4500 > 198.202.190.103.4500:
          isakmp-nat-keep-alive<br>
          19:53:23.506466 IP (tos 0x0, ttl 64, id 38250, offset 0, flags
          [DF], proto UDP (17), length 29)<br>
              192.168.0.6.4500 > 198.202.190.103.4500:
          isakmp-nat-keep-alive<br>
          ^C<br>
          11 packets captured<br>
          11 packets received by filter<br>
          0 packets dropped by kernel<br>
          <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
            href="mailto:root@ubuntu:/etc/ipsec.d#">root@ubuntu:/etc/ipsec.d#</a>
          killall ping<br>
          [1]+  Terminado               ping 192.168.30.23<br>
          <br>
          El 04/05/15 a las 19:48, Roi Rodríguez escribió:<br>
        </div>
        <blockquote cite="mid:5547B0D5.2060106@qubitia.com" type="cite">
          <meta content="text/html; charset=windows-1252"
            http-equiv="Content-Type">
          <div class="moz-cite-prefix">Hi,<br>
            <br>
            El 04/05/15 a las 19:44, Nick Howitt escribió:<br>
          </div>
          <blockquote cite="mid:5547B00B.7070803@howitts.co.uk"
            type="cite">
            <meta content="text/html; charset=windows-1252"
              http-equiv="Content-Type">
            Have a look at the commands "ip xfrm state" and "ip xfrm
            policy". There you should see your tunnel.<br>
          </blockquote>
          Yes, they see my tunnel:<br>
          <br>
          $ ip xfrm state<br>
          src 198.202.190.103 dst 192.168.0.6<br>
              proto esp spi 0x8f1cd06b reqid 16385 mode tunnel<br>
              replay-window 32 flag af-unspec<br>
              auth-trunc hmac(md5) 0x321291db65b04e02e7d1f4526f7b718f 96<br>
              enc cbc(des3_ede)
          0xff3cf71fe47304ad69cc038503e884fac069cf65a1e7d92a<br>
              encap type espinudp sport 4500 dport 4500 addr 0.0.0.0<br>
          src 192.168.0.6 dst 198.202.190.103<br>
              proto esp spi 0xef2410db reqid 16385 mode tunnel<br>
              replay-window 32 flag af-unspec<br>
              auth-trunc hmac(md5) 0x550b2287f176cc05602d5c92c3d59639 96<br>
              enc cbc(des3_ede)
          0x881215730d651d7ac9838838a9dc05730db60eb170f2cd2e<br>
              encap type espinudp sport 4500 dport 4500 addr 0.0.0.0<br>
          <br>
          $ ip xfrm policy<br>
          src 192.168.0.6/32 dst 192.168.30.0/24 <br>
              dir out priority 2088 <br>
              tmpl src 192.168.0.6 dst 198.202.190.103<br>
                  proto esp reqid 16385 mode tunnel<br>
          src 192.168.30.0/24 dst 192.168.0.6/32 <br>
              dir fwd priority 2088 <br>
              tmpl src 198.202.190.103 dst 192.168.0.6<br>
                  proto esp reqid 16385 mode tunnel<br>
          src 192.168.30.0/24 dst 192.168.0.6/32 <br>
              dir in priority 2088 <br>
              tmpl src 198.202.190.103 dst 192.168.0.6<br>
                  proto esp reqid 16385 mode tunnel<br>
          src ::/0 dst ::/0 <br>
              socket out priority 0 <br>
          src ::/0 dst ::/0 <br>
              socket in priority 0 <br>
          src 0.0.0.0/0 dst 0.0.0.0/0 <br>
              socket out priority 0 <br>
          src 0.0.0.0/0 dst 0.0.0.0/0 <br>
              socket in priority 0 <br>
          src 0.0.0.0/0 dst 0.0.0.0/0 <br>
              socket out priority 0 <br>
          src 0.0.0.0/0 dst 0.0.0.0/0 <br>
              socket in priority 0 <br>
          src 0.0.0.0/0 dst 0.0.0.0/0 <br>
              socket out priority 0 <br>
          src 0.0.0.0/0 dst 0.0.0.0/0 <br>
              socket in priority 0 <br>
          src 0.0.0.0/0 dst 0.0.0.0/0 <br>
              socket out priority 0 <br>
          src 0.0.0.0/0 dst 0.0.0.0/0 <br>
              socket in priority 0<br>
          <br>
          <blockquote cite="mid:5547B00B.7070803@howitts.co.uk"
            type="cite"> <br>
            Are you running a firewall on 192.168.0.6? If you are, have
            you set any rules for the tunnel? When you are pinging the
            remote subnet, is it from 192.168.0.6 or some other machine
            on the LAN?<br>
          </blockquote>
          No, i'm not running any firewall on that machine. I'm pinging
          from 192.168.0.6.<br>
          <blockquote cite="mid:5547B00B.7070803@howitts.co.uk"
            type="cite"> <br>
            Nick<br>
            <br>
            <div class="moz-cite-prefix">On 04/05/2015 18:36, Roi
              Rodríguez wrote:<br>
            </div>
            <blockquote cite="mid:5547AE1C.6060107@qubitia.com"
              type="cite">
              <meta content="text/html; charset=windows-1252"
                http-equiv="Content-Type">
              <div class="moz-cite-prefix">Hi Nick,<br>
                <br>
                El 04/05/15 a las 19:19, Nick Howitt escribió:<br>
              </div>
              <blockquote cite="mid:5547AA3C.6050907@howitts.co.uk"
                type="cite">
                <meta content="text/html; charset=windows-1252"
                  http-equiv="Content-Type">
                It looks like your tunnel is up and running - I am a
                little surprised as you don't have "nat_traversal=yes"
                in config setup.<br>
              </blockquote>
              I added "nat_traversal=yes", as well as "forceencaps=yes"
              in my connection config. <br>
              <blockquote cite="mid:5547AA3C.6050907@howitts.co.uk"
                type="cite"> <br>
                You won't see an ipsecX interface with netkey, only with
                klips which you are not using.<br>
              </blockquote>
              Ok. So the question is: With my setup, what should i see
              as the result of the tunnel going up? new routing rules? I
              don't see any new routing, iptables rules (NAT), etc
              appearing. So pinging someone inside their subnet does not
              succeed.<br>
              <br>
              I'm sure this is me not understanding what goes on...<br>
              <br>
              <br>
              <blockquote cite="mid:5547AA3C.6050907@howitts.co.uk"
                type="cite"> <br>
                Nick<br>
                <br>
                <div class="moz-cite-prefix">On 04/05/2015 17:52, Roi
                  Rodríguez wrote:<br>
                </div>
                <blockquote cite="mid:5547A3EB.5040104@qubitia.com"
                  type="cite">
                  <meta http-equiv="content-type" content="text/html;
                    charset=windows-1252">
                  Hi,<br>
                  <br>
                  I'm having difficulties setting up a site-to-site
                  tunnel. I've got no previous backgroud with ipsec or
                  VPNs.<br>
                  <br>
                  My network setup:<br>
                  <br>
                  192.168.0.6-->192.168.0.1(gw:PUBLIC IP
                  IFACE)====THEIR_PUBLIC_IP---192.168.30.0/24<br>
                  <br>
                  192.168.0.6 is the machine where i installed and
                  configured openswan. 192.168.0.1 is our office's
                  router. The rest is on their side. I enabled "IPSec
                  passthrough" and redirected UDP 500 and 4500 to
                  192.168.0.6.<br>
                  <br>
                  <br>
                  <br>
                  This is my ipsec.conf file:<br>
                  <br>
                  version    2.0<br>
                  <br>
                  config setup<br>
                      plutodebug=none<br>
                      dumpdir=/var/run/pluto/<br>
                      oe=off<br>
                      protostack=netkey<br>
                      interfaces=%defaultroute<br>
                  <br>
                  conn idata<br>
                      auto=start<br>
                      authby=secret<br>
                      type=tunnel<br>
                      ike=3des-md5;modp1024<br>
                      # Phase 1<br>
                      keyexchange=ike<br>
                      ikelifetime=86400s<br>
                      # Phase 2<br>
                      phase2=esp<br>
                      pfs=no<br>
                      leftid=$THEIR_PUBLIC_IP<br>
                      left=$THEIR_PUBLIC_IP<br>
                      leftnexthop=%defaultroute<br>
                      leftsubnet=192.168.30.0/24<br>
                      rightid=192.168.0.6<br>
                      right=192.168.0.6<br>
                      rightnexthop=192.168.0.1<br>
                      rightsubnet=192.168.0.6/32<br>
                  <br>
                  COMMENT: 192.168.0.6/32 as the rightsubnet is just a
                  test, i'll setup this once connectivity works.<br>
                  <br>
                  When i bring up the "idata" connection:<br>
                  $ service ipsec status<br>
                  IPsec running  - pluto pid: 5112<br>
                  pluto pid 5112<br>
                  1 tunnels up<br>
                  some eroutes exist<br>
                  $ ipsec auto --status<br>
                  000 using kernel interface: netkey<br>
                  000 interface lo/lo ::1<br>
                  000 interface lo/lo 127.0.0.1<br>
                  000 interface lo/lo 127.0.0.1<br>
                  000 interface eth0/eth0 192.168.0.6<br>
                  000 interface eth0/eth0 192.168.0.6<br>
                  000 %myid = (none)<br>
                  000 debug none<br>
                  000  <br>
                  000 virtual_private (%priv):<br>
                  000 - allowed 0 subnets: <br>
                  000 - disallowed 0 subnets: <br>
                  000 WARNING: Either virtual_private= is not specified,
                  or there is a syntax <br>
                  000          error in that line.
                  'left/rightsubnet=vhost:%priv' will not work!<br>
                  000 WARNING: Disallowed subnets in virtual_private= is
                  empty. If you have <br>
                  000          private address space in internal use, it
                  should be excluded!<br>
                  000  <br>
                  000 algorithm ESP encrypt: id=2, name=ESP_DES,
                  ivlen=8, keysizemin=64, keysizemax=64<br>
                  000 algorithm ESP encrypt: id=3, name=ESP_3DES,
                  ivlen=8, keysizemin=192, keysizemax=192<br>
                  000 algorithm ESP encrypt: id=6, name=ESP_CAST,
                  ivlen=8, keysizemin=40, keysizemax=128<br>
                  000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH,
                  ivlen=8, keysizemin=40, keysizemax=448<br>
                  000 algorithm ESP encrypt: id=11, name=ESP_NULL,
                  ivlen=0, keysizemin=0, keysizemax=0<br>
                  000 algorithm ESP encrypt: id=12, name=ESP_AES,
                  ivlen=8, keysizemin=128, keysizemax=256<br>
                  000 algorithm ESP encrypt: id=13, name=ESP_AES_CTR,
                  ivlen=8, keysizemin=160, keysizemax=288<br>
                  000 algorithm ESP encrypt: id=14, name=ESP_AES_CCM_A,
                  ivlen=8, keysizemin=128, keysizemax=256<br>
                  000 algorithm ESP encrypt: id=15, name=ESP_AES_CCM_B,
                  ivlen=8, keysizemin=128, keysizemax=256<br>
                  000 algorithm ESP encrypt: id=16, name=ESP_AES_CCM_C,
                  ivlen=8, keysizemin=128, keysizemax=256<br>
                  000 algorithm ESP encrypt: id=18, name=ESP_AES_GCM_A,
                  ivlen=8, keysizemin=128, keysizemax=256<br>
                  000 algorithm ESP encrypt: id=19, name=ESP_AES_GCM_B,
                  ivlen=8, keysizemin=128, keysizemax=256<br>
                  000 algorithm ESP encrypt: id=20, name=ESP_AES_GCM_C,
                  ivlen=8, keysizemin=128, keysizemax=256<br>
                  000 algorithm ESP encrypt: id=22, name=ESP_CAMELLIA,
                  ivlen=8, keysizemin=128, keysizemax=256<br>
                  000 algorithm ESP encrypt: id=252, name=ESP_SERPENT,
                  ivlen=8, keysizemin=128, keysizemax=256<br>
                  000 algorithm ESP encrypt: id=253, name=ESP_TWOFISH,
                  ivlen=8, keysizemin=128, keysizemax=256<br>
                  000 algorithm ESP auth attr: id=1,
                  name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128,
                  keysizemax=128<br>
                  000 algorithm ESP auth attr: id=2,
                  name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160,
                  keysizemax=160<br>
                  000 algorithm ESP auth attr: id=5,
                  name=AUTH_ALGORITHM_HMAC_SHA2_256, keysizemin=256,
                  keysizemax=256<br>
                  000 algorithm ESP auth attr: id=6,
                  name=AUTH_ALGORITHM_HMAC_SHA2_384, keysizemin=384,
                  keysizemax=384<br>
                  000 algorithm ESP auth attr: id=7,
                  name=AUTH_ALGORITHM_HMAC_SHA2_512, keysizemin=512,
                  keysizemax=512<br>
                  000 algorithm ESP auth attr: id=8,
                  name=AUTH_ALGORITHM_HMAC_RIPEMD, keysizemin=160,
                  keysizemax=160<br>
                  000 algorithm ESP auth attr: id=9,
                  name=AUTH_ALGORITHM_AES_CBC, keysizemin=128,
                  keysizemax=128<br>
                  000 algorithm ESP auth attr: id=251,
                  name=AUTH_ALGORITHM_NULL_KAME, keysizemin=0,
                  keysizemax=0<br>
                  000  <br>
                  000 algorithm IKE encrypt: id=0, name=(null),
                  blocksize=16, keydeflen=131<br>
                  000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC,
                  blocksize=8, keydeflen=192<br>
                  000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC,
                  blocksize=16, keydeflen=128<br>
                  000 algorithm IKE hash: id=1, name=OAKLEY_MD5,
                  hashsize=16<br>
                  000 algorithm IKE hash: id=2, name=OAKLEY_SHA1,
                  hashsize=20<br>
                  000 algorithm IKE hash: id=4, name=OAKLEY_SHA2_256,
                  hashsize=32<br>
                  000 algorithm IKE hash: id=6, name=OAKLEY_SHA2_512,
                  hashsize=64<br>
                  000 algorithm IKE dh group: id=2,
                  name=OAKLEY_GROUP_MODP1024, bits=1024<br>
                  000 algorithm IKE dh group: id=5,
                  name=OAKLEY_GROUP_MODP1536, bits=1536<br>
                  000 algorithm IKE dh group: id=14,
                  name=OAKLEY_GROUP_MODP2048, bits=2048<br>
                  000 algorithm IKE dh group: id=15,
                  name=OAKLEY_GROUP_MODP3072, bits=3072<br>
                  000 algorithm IKE dh group: id=16,
                  name=OAKLEY_GROUP_MODP4096, bits=4096<br>
                  000 algorithm IKE dh group: id=17,
                  name=OAKLEY_GROUP_MODP6144, bits=6144<br>
                  000 algorithm IKE dh group: id=18,
                  name=OAKLEY_GROUP_MODP8192, bits=8192<br>
                  000 algorithm IKE dh group: id=22,
                  name=OAKLEY_GROUP_DH22, bits=1024<br>
                  000 algorithm IKE dh group: id=23,
                  name=OAKLEY_GROUP_DH23, bits=2048<br>
                  000 algorithm IKE dh group: id=24,
                  name=OAKLEY_GROUP_DH24, bits=2048<br>
                  000  <br>
                  000 stats db_ops: {curr_cnt, total_cnt, maxsz}
                  :context={0,0,0} trans={0,0,0} attrs={0,0,0} <br>
                  000  <br>
                  000 "idata":
                  192.168.0.6/32===192.168.0.6<192.168.0.6>---192.168.0.1...192.168.0.1---198.202.190.103<198.202.190.103>===192.168.30.0/24;







                  erouted; eroute owner: #2<br>
                  000 "idata":     myip=unset; hisip=unset;<br>
                  000 "idata":   ike_life: 86400s; ipsec_life: 28800s;
                  rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 <br>
                  000 "idata":   policy:
                  PSK+ENCRYPT+TUNNEL+UP+IKEv2ALLOW+SAREFTRACK+lKOD+rKOD;
                  prio: 24,32; interface: eth0; <br>
                  000 "idata":   newest ISAKMP SA: #1; newest IPsec SA:
                  #2; <br>
                  000 "idata":   IKE algorithms wanted:
                  3DES_CBC(5)_000-MD5(1)_000-MODP1024(2); flags=-strict<br>
                  000 "idata":   IKE algorithms found: 
                  3DES_CBC(5)_192-MD5(1)_128-MODP1024(2)<br>
                  000 "idata":   IKE algorithm newest:
                  3DES_CBC_192-MD5-MODP1024<br>
                  000  <br>
                  000 #2: "idata":4500 STATE_QUICK_I2 (sent QI2, IPsec
                  SA established); EVENT_SA_REPLACE in 26911s; newest
                  IPSEC; eroute owner; isakmp#1; idle; import:admin
                  initiate<br>
                  000 #2: "idata" <a moz-do-not-send="true"
                    class="moz-txt-link-abbreviated"
                    href="mailto:esp.e00edafe@198.202.190.103">esp.e00edafe@198.202.190.103</a>
                  <a moz-do-not-send="true"
                    class="moz-txt-link-abbreviated"
                    href="mailto:esp.e6393f98@192.168.0.6">esp.e6393f98@192.168.0.6</a>
                  <a moz-do-not-send="true"
                    class="moz-txt-link-abbreviated"
                    href="mailto:tun.0@198.202.190.103">tun.0@198.202.190.103</a>
                  <a moz-do-not-send="true"
                    class="moz-txt-link-abbreviated"
                    href="mailto:tun.0@192.168.0.6">tun.0@192.168.0.6</a>
                  ref=0 refhim=4294901761<br>
                  000 #1: "idata":4500 STATE_MAIN_I4 (ISAKMP SA
                  established); EVENT_SA_REPLACE in 84648s; newest
                  ISAKMP; lastdpd=17s(seq in:0 out:0); idle;
                  import:admin initiate<br>
                  000<br>
                  <br>
                  <br>
                  According to the output tunnel seems up, but i can't
                  see any ipsec0 interface or such. <br>
                  $ cat /var/run/pluto/ipsec.info <br>
                  defaultroutephys=eth0<br>
                  defaultroutevirt=none<br>
                  defaultrouteaddr=192.168.0.6<br>
                  defaultroutenexthop=192.168.0.1<br>
                  <br>
                  defaultroutevirt=none? Also "%myid = (none)",
                  "myip=unset; hisip=unset;"... I'm not sure these are
                  problems. <br>
                  <br>
                  Can anyone give some help?<br>
                  <br>
                  Best regards<br>
                  <div class="moz-signature">-- <br>
                    <table width="600px">
                      <tbody>
                        <tr>
                          <td>
                            <address style="font-family: Arial;
                              font-size: 10pt; font-style: normal;
                              color: black;"> Roi Rodríguez Méndez<br>
                              Partner @ <b>Qubitia Solutions S.L.</b><br>
                              Avda. Conde de Bugallal Nº61H 2ºA<br>
                              36004 - Pontevedra (SPAIN)<br>
                              Phone. +34886213038<br>
                              <a moz-do-not-send="true"
                                href="mailto:roi.rodriguez@qubitia.com">roi.rodriguez@qubitia.com</a><br>
                              <a moz-do-not-send="true"
                                href="http://www.qubitia.com">http://www.qubitia.com</a>
                              <br>
                              <br>
                            </address>
                          </td>
                        </tr>
                        <tr>
                          <td>
                            <p style="font-family: Arial; font-size:
                              8pt; font-style: normal; color: black;">El
                              contenido de este e-mail (incluyendo los
                              documentos adjuntos) es privado y
                              confidencial. Si usted no es el
                              destinatario correcto, no debe copiar,
                              distribuir, tomar medida alguna o revelar
                              ningún detalle de este e-mail (incluyendo
                              los documentos adjuntos) a ninguna
                              persona, empresa o corporación. Si usted
                              recibiera este e-mail por error, por favor
                              notifíquenoslo inmediatamente.</p>
                          </td>
                        </tr>
                        <tr>
                          <td>
                            <p style="font-family: Arial; font-size:
                              8pt; font-style: normal; color: grey;">The
                              contents of this email (including any
                              attachments) are privileged &
                              confidential. If you are not an intended
                              recipient, you must not copy, distribute,
                              take action in reliance on or disclose any
                              details of the e-mail (including any
                              attachments) to any other person, firm or
                              corporation. If you received this email in
                              error, please notify us immediately.</p>
                          </td>
                        </tr>
                      </tbody>
                    </table>
                  </div>
                  <br>
                  <fieldset class="mimeAttachmentHeader"></fieldset>
                  <br>
                  <pre wrap="">_______________________________________________
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@lists.openswan.org">Users@lists.openswan.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.openswan.org/mailman/listinfo/users">https://lists.openswan.org/mailman/listinfo/users</a>
Micropayments: <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a>
Building and Integrating Virtual Private Networks with Openswan:
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
</pre>
                </blockquote>
                <br>
              </blockquote>
              <br>
              <br>
              <div class="moz-signature">-- <br>
                <table width="600px">
                  <tbody>
                    <tr>
                      <td>
                        <address style="font-family: Arial; font-size:
                          10pt; font-style: normal; color: black;"> Roi
                          Rodríguez Méndez<br>
                          Partner @ <b>Qubitia Solutions S.L.</b><br>
                          Avda. Conde de Bugallal Nº61H 2ºA<br>
                          36004 - Pontevedra (SPAIN)<br>
                          Phone. +34886213038<br>
                          <a moz-do-not-send="true"
                            href="mailto:roi.rodriguez@qubitia.com">roi.rodriguez@qubitia.com</a><br>
                          <a moz-do-not-send="true"
                            href="http://www.qubitia.com">http://www.qubitia.com</a>
                          <br>
                          <br>
                        </address>
                      </td>
                    </tr>
                    <tr>
                      <td>
                        <p style="font-family: Arial; font-size: 8pt;
                          font-style: normal; color: black;">El
                          contenido de este e-mail (incluyendo los
                          documentos adjuntos) es privado y
                          confidencial. Si usted no es el destinatario
                          correcto, no debe copiar, distribuir, tomar
                          medida alguna o revelar ningún detalle de este
                          e-mail (incluyendo los documentos adjuntos) a
                          ninguna persona, empresa o corporación. Si
                          usted recibiera este e-mail por error, por
                          favor notifíquenoslo inmediatamente.</p>
                      </td>
                    </tr>
                    <tr>
                      <td>
                        <p style="font-family: Arial; font-size: 8pt;
                          font-style: normal; color: grey;">The contents
                          of this email (including any attachments) are
                          privileged & confidential. If you are not
                          an intended recipient, you must not copy,
                          distribute, take action in reliance on or
                          disclose any details of the e-mail (including
                          any attachments) to any other person, firm or
                          corporation. If you received this email in
                          error, please notify us immediately.</p>
                      </td>
                    </tr>
                  </tbody>
                </table>
              </div>
            </blockquote>
            <br>
          </blockquote>
          <br>
          <br>
          <div class="moz-signature">-- <br>
            <table width="600px">
              <tbody>
                <tr>
                  <td>
                    <address style="font-family: Arial; font-size: 10pt;
                      font-style: normal; color: black;"> Roi Rodríguez
                      Méndez<br>
                      Partner @ <b>Qubitia Solutions S.L.</b><br>
                      Avda. Conde de Bugallal Nº61H 2ºA<br>
                      36004 - Pontevedra (SPAIN)<br>
                      Phone. +34886213038<br>
                      <a moz-do-not-send="true"
                        href="mailto:roi.rodriguez@qubitia.com">roi.rodriguez@qubitia.com</a><br>
                      <a moz-do-not-send="true"
                        href="http://www.qubitia.com">http://www.qubitia.com</a>
                      <br>
                      <br>
                    </address>
                  </td>
                </tr>
                <tr>
                  <td>
                    <p style="font-family: Arial; font-size: 8pt;
                      font-style: normal; color: black;">El contenido de
                      este e-mail (incluyendo los documentos adjuntos)
                      es privado y confidencial. Si usted no es el
                      destinatario correcto, no debe copiar, distribuir,
                      tomar medida alguna o revelar ningún detalle de
                      este e-mail (incluyendo los documentos adjuntos) a
                      ninguna persona, empresa o corporación. Si usted
                      recibiera este e-mail por error, por favor
                      notifíquenoslo inmediatamente.</p>
                  </td>
                </tr>
                <tr>
                  <td>
                    <p style="font-family: Arial; font-size: 8pt;
                      font-style: normal; color: grey;">The contents of
                      this email (including any attachments) are
                      privileged & confidential. If you are not an
                      intended recipient, you must not copy, distribute,
                      take action in reliance on or disclose any details
                      of the e-mail (including any attachments) to any
                      other person, firm or corporation. If you received
                      this email in error, please notify us immediately.</p>
                  </td>
                </tr>
              </tbody>
            </table>
          </div>
        </blockquote>
        <br>
        <br>
        <div class="moz-signature">-- <br>
          <table width="600px">
            <tbody>
              <tr>
                <td>
                  <address style="font-family: Arial; font-size: 10pt;
                    font-style: normal; color: black;"> Roi Rodríguez
                    Méndez<br>
                    Partner @ <b>Qubitia Solutions S.L.</b><br>
                    Avda. Conde de Bugallal Nº61H 2ºA<br>
                    36004 - Pontevedra (SPAIN)<br>
                    Phone. +34886213038<br>
                    <a moz-do-not-send="true"
                      href="mailto:roi.rodriguez@qubitia.com">roi.rodriguez@qubitia.com</a><br>
                    <a moz-do-not-send="true"
                      href="http://www.qubitia.com">http://www.qubitia.com</a>
                    <br>
                    <br>
                  </address>
                </td>
              </tr>
              <tr>
                <td>
                  <p style="font-family: Arial; font-size: 8pt;
                    font-style: normal; color: black;">El contenido de
                    este e-mail (incluyendo los documentos adjuntos) es
                    privado y confidencial. Si usted no es el
                    destinatario correcto, no debe copiar, distribuir,
                    tomar medida alguna o revelar ningún detalle de este
                    e-mail (incluyendo los documentos adjuntos) a
                    ninguna persona, empresa o corporación. Si usted
                    recibiera este e-mail por error, por favor
                    notifíquenoslo inmediatamente.</p>
                </td>
              </tr>
              <tr>
                <td>
                  <p style="font-family: Arial; font-size: 8pt;
                    font-style: normal; color: grey;">The contents of
                    this email (including any attachments) are
                    privileged & confidential. If you are not an
                    intended recipient, you must not copy, distribute,
                    take action in reliance on or disclose any details
                    of the e-mail (including any attachments) to any
                    other person, firm or corporation. If you received
                    this email in error, please notify us immediately.</p>
                </td>
              </tr>
            </tbody>
          </table>
        </div>
        <br>
        <fieldset class="mimeAttachmentHeader"></fieldset>
        <br>
        <pre wrap="">_______________________________________________
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@lists.openswan.org">Users@lists.openswan.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.openswan.org/mailman/listinfo/users">https://lists.openswan.org/mailman/listinfo/users</a>
Micropayments: <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a>
Building and Integrating Virtual Private Networks with Openswan:
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
</pre>
      </blockquote>
      <br>
    </blockquote>
    <br>
    <br>
    <div class="moz-signature">-- <br>
      <table width="600px">
        <tbody>
          <tr>
            <td>
              <address style="font-family: Arial; font-size: 10pt;
                font-style: normal; color: black;">
                Roi Rodríguez Méndez<br>
                Partner @ <b>Qubitia Solutions S.L.</b><br>
                Avda. Conde de Bugallal Nº61H 2ºA<br>
                36004 - Pontevedra (SPAIN)<br>
                Phone. +34886213038<br>
                <a href="mailto:roi.rodriguez@qubitia.com">roi.rodriguez@qubitia.com</a><br>
                <a href="http://www.qubitia.com">http://www.qubitia.com</a>
                <br>
                <br>
              </address>
            </td>
          </tr>
          <tr>
            <td>
              <p style="font-family: Arial; font-size: 8pt; font-style:
                normal; color: black;">El contenido de este e-mail
                (incluyendo los documentos adjuntos) es privado y
                confidencial. Si usted no es el destinatario correcto,
                no debe copiar, distribuir, tomar medida alguna o
                revelar ningún detalle de este e-mail (incluyendo los
                documentos adjuntos) a ninguna persona, empresa o
                corporación. Si usted recibiera este e-mail por error,
                por favor notifíquenoslo inmediatamente.</p>
            </td>
          </tr>
          <tr>
            <td>
              <p style="font-family: Arial; font-size: 8pt; font-style:
                normal; color: grey;">The contents of this email
                (including any attachments) are privileged &
                confidential. If you are not an intended recipient, you
                must not copy, distribute, take action in reliance on or
                disclose any details of the e-mail (including any
                attachments) to any other person, firm or corporation.
                If you received this email in error, please notify us
                immediately.</p>
            </td>
          </tr>
        </tbody>
      </table>
    </div>
  </body>
</html>