Fw: [Openswan Users] Remote SSH dropped when IPSEC started

David Wilson dave at dcdata.co.za
Thu Dec 1 07:52:56 CET 2005 

Sorry to bug you but I'm really stuck with this one.
I'm sure it's something simple that I've messed up.
Please point me in the right direction.

>
>> Hi guys,
>>
>> I have a network here in South Africa that needs to connect to a network 
>> in Germany via IPSEC using a preshared secret key.
>> We are trying to use a Suse Linux server with OpenSWAN here in South 
>> Africa to establish the connection to Germany so that the LANS may 
>> communicate with each other.
>>
>> The Internal LAN range here in S.A is 192.168.0.0/24.
>> The Internal LAN range in Germany is 129.50.0.0/16.
>> Our public IP on our Linux server is 196.12.241.21.
>> The public IP on the gateway we need to connect to is 81.79.160.12
>>
>> My problem is that when I run a (/etc/init.d/ipsec start), which I guess 
>> does something along the lines of (ipsec auto --up net-to-net), my remote 
>> SSH session to the server stops. Once this has happened, then I cannot 
>> get back into the server. My just connection times out, I can't even ping 
>> the Linux server.
>> I'm guessing that as soon as the IPSEC VPN initializes it changes my 
>> normal IP default route/gateway ?
>> Any ideas on what could be causing this ?
>>
>> My entire /etc/ipsec.conf looks like this:
>> version 2.0
>> conn net-to-net
>>        authby=secret
>>        left=81.79.160.12
>>        leftsubnet=129.50.0.0/16
>>        leftnexthop=%defaultroute
>>        right=196.12.241.21
>>        rightsubnet=192.168.0.0/24
>>        rightnexthop=81.79.160.12
>>        auto=start
>>
>> Unfortunately my knowlege of IPSEC is dangerous I'm sure I've got 
>> something wrong somewhere.
>> Any assistance or input would be greatly appreciated.
>>
>> Thanks in advance !
>>
>>
>> Kind regards
>>
>> David Wilson
>> CNS, CLS, Linux+
>> T: 0860-1-LINUX
>> F: 0866878971
>> M: 0824147413
>> E: support at dcdata.co.za
>> W: http://www.dcdata.co.za
>>
>> -- 
>> This email and all contents are subject to the following disclaimer:
>> http://www.dcdata.co.za/emaildisclaimer.html
>>
>> _______________________________________________
>> Users mailing list
>> Users at openswan.org
>> http://lists.openswan.org/mailman/listinfo/users
>
>
> -- 
> This email and all contents are subject to the following disclaimer:
> http://www.dcdata.co.za/emaildisclaimer.html
>
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users 


-- 
This email and all contents are subject to the following disclaimer:
http://www.dcdata.co.za/emaildisclaimer.html

More information about the Users mailing list