[Openswan Users] openswan and red hat enterprise
Stephen Wong
stephen.wong at avacue.com
Thu Apr 1 13:52:21 CEST 2004
Paul,
I probably need your help too.
My problem is very similar to the one in the previous conversation.
I am using RedHat ES 3 with the backport. I do found that I have the esp4 module. What I did is I compiled the userland program using the packing/redhat/openswan.26spec. My problem is weird, I can connect without any problem if both server and client is direct connected to the internet. Once my client is behind the NAT router, the server stay in STATE_MAIN_R2 forever waiting for MI3 to come. Any hint ?
My ipsec.conf file (with OE disabled) is like this
version 2.0
config setup
interfaces=%defaultroute
plutodebug=no
uniqueids=yes
nat_traversal=yes
conn %default
keyingtries=1
compress=yes
disablearrivalcheck=no
authby=rsasig
esp=3des
leftupdown="/etc/ipsec_updown.sh"
leftcert=vpn.pem
left=%defaultroute
leftrsasigkey=%cert
right=%any
rightrsasigkey=%cert
rightca=%same
conn rwarrior
leftsubnet=10.0.0.0/8
auto=add
pfs=yes
My ipsec.secrets file is like this
: RSA vpn.pem
Thanks,
Stephen.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20040401/21c5cb13/attachment.htm
More information about the Users
mailing list