[Openswan Users] Problem making LAN 2 LAN Network

Scott MacKay scottmackay at yahoo.com
Thu Oct 14 04:46:29 CEST 2004 

Not sure of any other issues but your leftsubnet and
rightsubnet entries are backwards....

-Scott

--- Jan Madsen <Jan at im-teknik.dk> wrote:

> Hallo everybody
> I have tried to make a simple LAN 2 LAN with
> OpenSWAN. When I try to start
> the IPsec I get the error 
> VPN-server ipsec__plutorun: ...could not start conn
> "l2l"
> In /var/log/messeges
> 
> My configuration is like this.
> 
> VPN Box on Network A 192.168.40.0/24
> IP Address at Local	192.168.40.1/24
> IP Address at Remote 	192.168.0.80/24
> 
> 
> VPN Box on Network B 192.168.41.0/24
> IP Address at Local	192.168.41.1/24
> IP Address At Remote	192.168.0.81/24
> 
> 
> 192.168.40.1 |----|192.168.0.80  (VPN Line)   
> |----|192.168.41.1
> -------------| A  |----------------------------| B 
> |----------
> 	  |----|                192.168.0.81|----|
> 	  
> 
> Now here is my configuration (ipsec.conf) on VPN BOX
> A
> 
> include /etc/ipsec.d/examples/no_oe.conf
> 
> config setup
>         interfaces=%defaultroute
>         nat_traversal=yes
>  
>
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,!%v4:192
> .168.0.0/24
>         klipsdebug=none
>         plutodebug=none
> 
> conn l2l
>         left=192.168.0.80
>         leftsubnet=192.168.41.0/24
>         leftnexthop=%defaultroute
> 
>         right=192.168.0.81
>         rightsubnet=192.168.40.0/24
>         rightnexthop=%defaultroute
> 
>         auto=start
> 
> And this is my error in /var/log/messages
> 
> Oct 14 09:14:17 VPN-server ipsec_setup: KLIPS ipsec0
> on eth0
> 192.168.0.80/255.255.255.0 broadcast 192.168.0.255 
> Oct 14 09:14:18 VPN-server ipsec_setup: ...Openswan
> IPsec started
> Oct 14 09:14:18 VPN-server ipsec_setup: Starting
> Openswan IPsec
> U2.2.0/K2.6.5-1.358...
> Oct 14 09:14:19 VPN-server ipsec__plutorun: 104
> "l2l" #1: STATE_MAIN_I1:
> initiate
> Oct 14 09:14:19 VPN-server ipsec__plutorun: ...could
> not start conn "l2l"
> 
> 
> I have tried to install another version of OpenSWAN
> but is the same error,
> and I can't get my VPN up going.
> I can't see what I have done wrong... but my route
> looks weird hmmm...
> The 192.168.40.0 network is NOT at 192.168.0.2 it's
> on 192.168.0.81
> I have tried to change the rightnexthop, and my
> leftnexthop to 192.168.0.81
> And then the route looks okay, but I still have the
> errors in my
> /var/log/messages
> 
> Route -n
> 192.168.0.0     0.0.0.0         255.255.255.0   U   
>  0      0        0 eth0
> 192.168.40.0    192.168.0.2     255.255.255.0   UG  
>  0      0        0 eth0
> 192.168.41.0    0.0.0.0         255.255.255.0   U   
>  0      0        0 eth1
> 169.254.0.0     0.0.0.0         255.255.0.0     U   
>  0      0        0 eth1
> 127.0.0.0       0.0.0.0         255.0.0.0       U   
>  0      0        0 lo
> 0.0.0.0         192.168.0.2     0.0.0.0         UG  
>  0      0        0 eth0
> 
> 
> Best regards
> Jan Madsen
> Im_Teknik & Data
> +45 9776 1193     Office Phone
> +45 2368 8533     Work Cell Phone
> 
> 
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> 



		
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com

More information about the Users mailing list