[Openswan Users]
David Wilson
dave at dcdata.co.za
Thu Dec 1 17:40:17 CET 2005
Hi Keith,
Excellent ! I think it's now working ? I don't get locked out of my system
when I start ipsec !
Once ipsec has started I get the following in /var/log/messages:
Dec 1 17:35:00 mail pluto[24105]: "net-to-net" #1: ISAKMP SA established
....
....
...
Dec 1 17:29:18 mail pluto[22347]: "net-to-net" #6: IPsec SA established
.......
My routing table now shows:
Destination Gateway Genmask Flags Metric Ref Use
Iface
129.50.0.0 196.12.241.1 255.255.0.0 UG 0 0 0 EXT
After about 2 minutes I then get:
Dec 1 17:36:47 mail pluto[24105]: "net-to-net" #1: received Delete SA
payload: replace IPSEC State #2 in 10 seconds
Dec 1 17:36:47 mail pluto[24105]: "net-to-net" #1: received and ignored
informational message
Dec 1 17:36:47 mail pluto[24105]: "net-to-net" #3: responding to Quick Mode
Dec 1 17:36:47 mail pluto[24105]: "net-to-net" #3: transition from state
(null) to state STATE_QUICK_R1
Dec 1 17:36:49 mail pluto[24105]: "net-to-net" #3: transition from state
STATE_QUICK_R1 to state STATE_QUICK_R2
Dec 1 17:36:49 mail pluto[24105]: "net-to-net" #3: IPsec SA established
......
Does this mean it's working ? 196.12.241.1 is the normal IP gateway for my
network.
Thank you so much for all your help - I guess it's working ? Please correct
me if I'm wrong.
Kind regards
David Wilson
CNS, CLS, Linux+
T: 0860-1-LINUX
F: 0866878971
M: 0824147413
E: support at dcdata.co.za
W: http://www.dcdata.co.za
----- Original Message -----
From: "Keith Morse" <kgmorse at mpcu.com>
To: <users at openswan.org>
Sent: Thursday, December 01, 2005 3:48 AM
Subject: Re: [Openswan Users]
> David Wilson wrote:
>> Hi guys,
>>
>>
>> My problem is that when I run a (/etc/init.d/ipsec start), which I
>> guess does something along the lines of (ipsec auto --up net-to-net),
>> my remote SSH session to the server stops. Once this has happened,
>> then I cannot get back into the server. My just connection times out,
>> I can't even ping the Linux server.
>> I'm guessing that as soon as the IPSEC VPN initializes it changes my
>> normal IP default route/gateway ?
>> Any ideas on what could be causing this ?
> This happened to me on my first OpenSwan ipsec setup. Searching
> revealed the following in list archives.
>
> I added the following include in my ipec.conf file.
>
> include /etc/ipsec.d/examples/no_oe.conf
>
> and you should review the above file. I can't remember if it needed any
> uncommenting action.
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>
> --
> This email and all contents are subject to the following disclaimer:
> http://www.dcdata.co.za/emaildisclaimer.html
>
--
This email and all contents are subject to the following disclaimer:
http://www.dcdata.co.za/emaildisclaimer.html
More information about the Users
mailing list