[Openswan Users]

David Wilson dave at dcdata.co.za
Fri Dec 2 08:13:31 CET 2005 

Thanks Keith.
I can't ping anything on the remote network, however it could be due to 
their firewalling. I'll check with their admin.

Thanks so much for all your help.


Kind regards

David Wilson
CNS, CLS, Linux+
T: 0860-1-LINUX
F: 0866878971
M: 0824147413
E: support at dcdata.co.za
W: http://www.dcdata.co.za

----- Original Message ----- 
From: "Keith Morse" <kgmorse at mpcu.com>
To: "David Wilson" <dave at dcdata.co.za>
Sent: Friday, December 02, 2005 1:18 AM
Subject: Re: [Openswan Users]


> David Wilson wrote:
>> Hi Keith,
>>
>> Excellent ! I think it's now working ? I don't get locked out of my
>> system when I start ipsec !
>>
>> Once ipsec has started I get the following in /var/log/messages:
>> Dec  1 17:35:00 mail pluto[24105]: "net-to-net" #1: ISAKMP SA established
>> ....
>> ....
>> ...
>> Dec  1 17:29:18 mail pluto[22347]: "net-to-net" #6: IPsec SA
>> established .......
>>
>> My routing table now shows:
>> Destination     Gateway         Genmask         Flags Metric Ref
>> Use Iface
>> 129.50.0.0      196.12.241.1  255.255.0.0     UG    0      0        0 EXT
>>
>> After about 2 minutes I then get:
>> Dec  1 17:36:47 mail pluto[24105]: "net-to-net" #1: received Delete SA
>> payload: replace IPSEC State #2 in 10 seconds
>> Dec  1 17:36:47 mail pluto[24105]: "net-to-net" #1: received and
>> ignored informational message
>> Dec  1 17:36:47 mail pluto[24105]: "net-to-net" #3: responding to
>> Quick Mode
>> Dec  1 17:36:47 mail pluto[24105]: "net-to-net" #3: transition from
>> state (null) to state STATE_QUICK_R1
>> Dec  1 17:36:49 mail pluto[24105]: "net-to-net" #3: transition from
>> state STATE_QUICK_R1 to state STATE_QUICK_R2
>> Dec  1 17:36:49 mail pluto[24105]: "net-to-net" #3: IPsec SA
>> established ......
>>
>> Does this mean it's working ? 196.12.241.1 is the normal IP gateway
>> for my network.
>>
>> Thank you so much for all your help - I guess it's working ?  Please
>> correct me if I'm wrong.
> Looks that way to my uneducated eye.  Will a ping make it from one
> network to another?  FWIW, the no_oe.conf is documented in OpenSwan's
> reference material on the website.
>
> -- 
> This email and all contents are subject to the following disclaimer:
> http://www.dcdata.co.za/emaildisclaimer.html
> 


-- 
This email and all contents are subject to the following disclaimer:
http://www.dcdata.co.za/emaildisclaimer.html

More information about the Users mailing list