[Openswan Users] vpn client - Can't Ping Hosts
Corey L. Johnson
johnson at ama-inc.com
Fri Sep 17 16:13:33 CEST 2004
I'm using ipcop 1.4.0b9 using openswan IPsec 1.0.6 and a client using openswan
2.1.4
I can ping as far as the internal interface (green) IP, but I can't ping any
other machines past it. I do think that the packets are being dropped by
IPCOP. How would I get IPCOP to a) nat them or b) simply forward them?
Some direction would be great! Could it also be my route?
here's a copy of my client-side ipsec.conf file (*modified)
version 2
config setup
interfaces="ipsec0=eth0"
klipsdebug=none
plutodebug=none
#plutoload=%search
#plutostart=%search
uniqueids=yes
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,
%v4:!192.168.100.0/255.255.255.0,%v4:!192.168.102.0/255.255.255.0
conn %default
keyingtries=1
disablearrivalcheck=no
conn ama2road
left=1.2.3.4
leftnexthop=%defaultroute
leftsubnet=192.168.1.0/255.255.255.0
#leftcert=/var/ipcop/certs/hostcert.pem
right=%any
rightsubnet=vhost:%no,%priv
#rightcert=/var/ipcop/certs/ama2roadcert.pem
dpddelay=30
dpdtimeout=120
dpdaction=clear
authby=rsasig
leftid=@hostname.domain.com
rightid=@hostname2.domain.com
leftrsasigkey=XXX
rightrsasigkey=XXX
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20040917/7d908a62/attachment.bin
More information about the Users
mailing list