[Openswan Users] ipsec.secrets
Bastien Rocheron
bastien.rocheron at free.fr
Fri May 14 10:16:14 CEST 2004
well, thanks a lot, I'm trying to fix it
Bastien Rocheron
Sat, 8 May 2004 14:04:12 +0200 (MET DST)
Paul Wouters <paul at xelerance.com> Message original :
> On Fri, 7 May 2004, Bastien Rocheron wrote:
>
> > conn roadwarrior-net
> > leftsubnet=192.168.1.0/24
> > also=roadwarrior
> >
> > conn roadwarrior
> > left=192.168.1.10
> > leftcert=host.mynet.net.pem
> > #right=%defaultroute
> > right=192.168.1.1
> > rightcert=gateway.mynet.net.pem
> > auto=start
> > pfs=yes
>
> This cannot work. Both ends of the roadwarrior are within the
> 192.168.1.0/24 range, and you're making a subnet for that same
> range.
>
> > conn roadwarrior-allnet
> > leftsubnet=0.0.0.0/0
> > also=roadwarrior
> >
> > conn roadwarrior
> > right=%any
> > left=192.168.1.1
> > leftcert=gateway.mynet.net.pem
> > auto=add
> > pfs=yes
>
> And the subnet definitions do not match on client and server.
>
> Paul
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20040514/a6174a37/attachment.bin
More information about the Users
mailing list