[Openswan Users] Openswan to Openswan

[Tsitsi]

Hello!

I try to test a configuration from a private network:

192.168.1.0/24
      |(192.16.1.1)
Openswan 2.2.0(GW A Debian )
      |
172.16.1.3
      |
    switch
      |
172.16.1.1
      |
Openswan 2.2.0 (GW B Debian )
      |(192.168.100.144)
192.168.100.0/24

  In what way ipsec.conf in GW A and GW B must be the
same file,
I found in many documentation for Frees/Wan that you
must copy the file from GW A to GW B

#ipsec.conf GW A
conn site-to-site
        keyingtries=1
        authby=secret
        leftnexthop=%direct
        pfs=no
        left=172.16.1.3
        leftsubnet=192.168.1.0/24
        right=172.16.1.1
        rightsubnet=192.168.100.0/24
        auto=add
#ipsec.conf GW B
conn site-site
        authby=secret
        keyingtries=1
        # leftnexthop=%direct
        pfs=no
        rekey=no
        left=172.16.1.1
        leftsubnet=192.168.100.0/24
        right=172.16.1.3
        rightsubnet=192.168.1.0/24
        auto=add

# ipsec auto --up site-to-site
104 "site-to-site" #7: STATE_MAIN_I1: initiate
106 "site-to-site" #7: STATE_MAIN_I2: sent MI2,
expecting MR2
108 "site-to-site" #7: STATE_MAIN_I3: sent MI3,
expecting MR3
004 "site-to-site" #7: STATE_MAIN_I4: ISAKMP SA
established
112 "site-to-site" #8: STATE_QUICK_I1: initiate
004 "site-to-site" #8: STATE_QUICK_I2: sent QI2, IPsec
SA established {ESP=>0x026f97ce <0xacc37e2a}

That's working but i can't ping from network A to
network B

eg : from A (192.168.1.3): ping 192.168.100.23 no
result
but from A( 192.168.1.3)  I can ping 192.168.100.144 
Is it a normal ?

Thank's    




	

	
		
___________________________________________________________________________ 
Nouveau : téléphonez moins cher avec Yahoo! Messenger ! Découvez les tarifs exceptionnels pour appeler la France et l'international.
Téléchargez sur http://fr.messenger.yahoo.com