[Openswan Users]

David Wilson dave at dcdata.co.za
Thu Dec 1 17:40:17 CET 2005


Hi Keith,

Excellent ! I think it's now working ? I don't get locked out of my system 
when I start ipsec !

Once ipsec has started I get the following in /var/log/messages:
Dec  1 17:35:00 mail pluto[24105]: "net-to-net" #1: ISAKMP SA established
....
....
...
Dec  1 17:29:18 mail pluto[22347]: "net-to-net" #6: IPsec SA established 
.......

My routing table now shows:
Destination     Gateway         Genmask         Flags Metric Ref    Use 
Iface
129.50.0.0      196.12.241.1  255.255.0.0     UG    0      0        0 EXT

After about 2 minutes I then get:
Dec  1 17:36:47 mail pluto[24105]: "net-to-net" #1: received Delete SA 
payload: replace IPSEC State #2 in 10 seconds
Dec  1 17:36:47 mail pluto[24105]: "net-to-net" #1: received and ignored 
informational message
Dec  1 17:36:47 mail pluto[24105]: "net-to-net" #3: responding to Quick Mode
Dec  1 17:36:47 mail pluto[24105]: "net-to-net" #3: transition from state 
(null) to state STATE_QUICK_R1
Dec  1 17:36:49 mail pluto[24105]: "net-to-net" #3: transition from state 
STATE_QUICK_R1 to state STATE_QUICK_R2
Dec  1 17:36:49 mail pluto[24105]: "net-to-net" #3: IPsec SA established 
......

Does this mean it's working ? 196.12.241.1 is the normal IP gateway for my 
network.

Thank you so much for all your help - I guess it's working ?  Please correct 
me if I'm wrong.

Kind regards

David Wilson
CNS, CLS, Linux+
T: 0860-1-LINUX
F: 0866878971
M: 0824147413
E: support at dcdata.co.za
W: http://www.dcdata.co.za

----- Original Message ----- 
From: "Keith Morse" <kgmorse at mpcu.com>
To: <users at openswan.org>
Sent: Thursday, December 01, 2005 3:48 AM
Subject: Re: [Openswan Users]


> David Wilson wrote:
>> Hi guys,
>>
>>
>> My problem is that when I run a (/etc/init.d/ipsec start), which I
>> guess does something along the lines of (ipsec auto --up net-to-net),
>> my remote SSH session to the server stops. Once this has happened,
>> then I cannot get back into the server. My just connection times out,
>> I can't even ping the Linux server.
>> I'm guessing that as soon as the IPSEC VPN initializes it changes my
>> normal IP default route/gateway ?
>> Any ideas on what could be causing this ?
> This happened to me on my first OpenSwan ipsec setup.  Searching
> revealed the following in list archives.
>
> I added the following include in my ipec.conf file.
>
> include /etc/ipsec.d/examples/no_oe.conf
>
> and you should review the above file.  I can't remember if it needed any
> uncommenting action.
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>
> -- 
> This email and all contents are subject to the following disclaimer:
> http://www.dcdata.co.za/emaildisclaimer.html
> 


-- 
This email and all contents are subject to the following disclaimer:
http://www.dcdata.co.za/emaildisclaimer.html



More information about the Users mailing list