[Openswan Users] VPN over WLAN to IPCop
Piers Kittel
debian at biased.org
Wed Sep 1 23:47:21 CEST 2004
Hi all,
Am trying to make a VPN connection to IPCop 1.4b4 - I tried to set up
using Windows first, and after a while, I have succeeded. But now I
want to set up the same connection to IPCop but for Linux. Here is the
ipsec.conf file on IPCop (autocreated when I did stuff in the VPN
section, but added in "pfs=no" myself):

conn VPN
    left=192.168.2.1
    leftsubnet=0.0.0.0/0.0.0.0
    right=%any
    rightsubnet=vhost:%no,%priv
    dpddelay=30
    dpdtimeout=120
    dpdaction=clear
    authby=secret
    auto=add
    pfs=no

and here's the ipsec.conf file I use on Windows:

conn Home
    left=192.168.2.1
    leftsubnet=*
    right=%any
    presharedkey=<hidden>
    network=auto
    auto=start

and it works just fine. As for Linux, I'm using Debian 3.1 Sarge, with
OpenSwan 2.1.5 with kernel 2.4.26. I copied and modified the ipsec.conf
file slightly and here is what I have:

version 2.0

conn home
    left=192.168.2.1
    leftsubnet=0.0.0.0/0.0.0.0
    right=%any
    rightsubnet=vhost:%no,%priv
    authby=secret
    auto=start
    pfs=no

include /etc/ipsec.d/examples/no_oe.conf

Thing is that I tried putting "presharedkey" in the file, but ipsec
didn't recognise the parameter and so I took it out, but am not sure
where I should be putting the key.
Anyway, I restart ipsec, and it seems all OK, but when I try "ipsec auto
--up home" it says "022 "home": we cannot identify ourselves with either
end of this connection.". Where do I go from here? Logs on both
computers aren't helpful. What am I doing wrong?
When I tried "leftsubnet=0.0.0.0/0.0.0.0" on Windows, it wouldn't work,
but "leftsubnet=*" was okay, but when I used "leftsubnet=*" on Linux it
wouldn't work.
By the way, in the wiki documentation
(http://wiki.openswan.org/index.php/Configuring), there's a line:
"ipsec auto --start net-to-net"
tried that, but "--start" isn't recognised.
Thanks very much for your help in advance
Cheers - Piers