dave at dcdata.co.za
Thu Dec 1 17:40:17 CET 2005
Excellent ! I think it's now working ? I don't get locked out of my system
when I start ipsec !
Once ipsec has started I get the following in /var/log/messages:
Dec 1 17:35:00 mail pluto: "net-to-net" #1: ISAKMP SA established
Dec 1 17:29:18 mail pluto: "net-to-net" #6: IPsec SA established
My routing table now shows:
Destination Gateway Genmask Flags Metric Ref Use
22.214.171.124 126.96.36.199 255.255.0.0 UG 0 0 0 EXT
After about 2 minutes I then get:
Dec 1 17:36:47 mail pluto: "net-to-net" #1: received Delete SA
payload: replace IPSEC State #2 in 10 seconds
Dec 1 17:36:47 mail pluto: "net-to-net" #1: received and ignored
Dec 1 17:36:47 mail pluto: "net-to-net" #3: responding to Quick Mode
Dec 1 17:36:47 mail pluto: "net-to-net" #3: transition from state
(null) to state STATE_QUICK_R1
Dec 1 17:36:49 mail pluto: "net-to-net" #3: transition from state
STATE_QUICK_R1 to state STATE_QUICK_R2
Dec 1 17:36:49 mail pluto: "net-to-net" #3: IPsec SA established
Does this mean it's working ? 188.8.131.52 is the normal IP gateway for my
Thank you so much for all your help - I guess it's working ? Please correct
me if I'm wrong.
CNS, CLS, Linux+
E: support at dcdata.co.za
----- Original Message -----
From: "Keith Morse" <kgmorse at mpcu.com>
To: <users at openswan.org>
Sent: Thursday, December 01, 2005 3:48 AM
Subject: Re: [Openswan Users]
> David Wilson wrote:
>> Hi guys,
>> My problem is that when I run a (/etc/init.d/ipsec start), which I
>> guess does something along the lines of (ipsec auto --up net-to-net),
>> my remote SSH session to the server stops. Once this has happened,
>> then I cannot get back into the server. My just connection times out,
>> I can't even ping the Linux server.
>> I'm guessing that as soon as the IPSEC VPN initializes it changes my
>> normal IP default route/gateway ?
>> Any ideas on what could be causing this ?
> This happened to me on my first OpenSwan ipsec setup. Searching
> revealed the following in list archives.
> I added the following include in my ipec.conf file.
> include /etc/ipsec.d/examples/no_oe.conf
> and you should review the above file. I can't remember if it needed any
> uncommenting action.
> Users mailing list
> Users at openswan.org
> This email and all contents are subject to the following disclaimer:
This email and all contents are subject to the following disclaimer:
More information about the Users