[Openswan Users] Openswan to Openswan

Tsitsi mediatsitsi-vpn at yahoo.fr
Fri Dec 16 10:03:43 CET 2005 

>>>>>This is ipsec verify command from GW A and GW B



Checking your system to see if IPsec got installed and
started correctly:
Version check and ipsec on-path                       
                 [OK]
Linux Openswan U2.2.0/K2.6.8-2-386 (native)
Checking for IPsec support in kernel                  
                 [OK]
Checking for RSA private key (/etc/ipsec.secrets)     
                 [FAILED]
ipsec showhostkey: no default key in
"/etc/ipsec.secrets"
Checking that pluto is running                        
                 [OK]
Two or more interfaces found, checking IP forwarding  
                 [OK]
Checking NAT and MASQUERADEing                        
                 [N/A]
Checking for 'ip' command                             
                 [OK]
Checking for 'iptables' command                       
                 [OK]
Checking for 'setkey' command for native IPsec stack
support            [OK]

Opportunistic Encryption DNS checks:
   Looking for TXT in forward dns zone: debian0       
                 [MISSING]
   Does the machine have at least one non-private
address?              [FAILED]

[GW A]#route 
Destination     Passerelle      Genmask         Indic
Metric Ref    Use Iface
192.168.100.0   172.16.1.1      255.255.255.0   UG   
0      0        0 eth0
192.168.1.0     *               255.255.255.0   U    
0      0        0 eth1
172.16.1.0      *               255.255.255.0   U    
0      0        0 eth0


[GW B]#route
Destination     Passerelle      Genmask         Indic
Metric Ref    Use Iface
192.168.100.0   *               255.255.255.0   U    
0      0        0 eth1
192.168.1.0     172.16.1.3      255.255.255.0   UG   
0      0        0 eth0
172.16.1.0      *               255.255.255.0   U    
0      0        0 eth0
default         192.168.100.251 0.0.0.0         UG   
0      0        0 eth1

--- Paul Wouters <paul at xelerance.com> a écrit :

> On Thu, 15 Dec 2005, Tsitsi wrote:
> 
> > I found in many documentation for Frees/Wan that
> you
> > must copy the file from GW A to GW B
> 
> You often can, you do not have to.
> 
> > 004 "site-to-site" #8: STATE_QUICK_I2: sent QI2,
> IPsec
> > SA established {ESP=>0x026f97ce <0xacc37e2a}
> 
> Looks good.
> 
> > That's working but i can't ping from network A to
> > network B
> 
> what does 'ipsec verify' say?
> 
> Paul
> 



	
	
		
___________________________________________________________________________ 
Nouveau : téléphonez moins cher avec Yahoo! Messenger. Appelez le monde entier à partir de 0,012 €/minute ! 
Téléchargez sur http://fr.messenger.yahoo.com

More information about the Users mailing list