[Openswan Users] Openswan to Openswan

Tsitsi mediatsitsi-vpn at yahoo.fr
Fri Dec 16 16:45:46 CET 2005 

Thank you !!!

I forget to put gateway GW B 192.168.100.144 into the
machine network B
That's working!!! 

I  implement also a vpn remote-access in the Gateway
GW B with L2TP. 

Tsitsi


--- Paul Wouters <paul at xelerance.com> a écrit :

> On Fri, 16 Dec 2005, Tsitsi wrote:
> 
> > >>>>>This is ipsec verify command from GW A and GW
> B
> 
> Looks good. I guess if possible sniff/trace some
> traffic
> to see what is going on.
> 
> Paul
> 
> >
> >
> > Checking your system to see if IPsec got installed
> and
> > started correctly:
> > Version check and ipsec on-path
> >                  [OK]
> > Linux Openswan U2.2.0/K2.6.8-2-386 (native)
> > Checking for IPsec support in kernel
> >                  [OK]
> > Checking for RSA private key (/etc/ipsec.secrets)
> >                  [FAILED]
> > ipsec showhostkey: no default key in
> > "/etc/ipsec.secrets"
> > Checking that pluto is running
> >                  [OK]
> > Two or more interfaces found, checking IP
> forwarding
> >                  [OK]
> > Checking NAT and MASQUERADEing
> >                  [N/A]
> > Checking for 'ip' command
> >                  [OK]
> > Checking for 'iptables' command
> >                  [OK]
> > Checking for 'setkey' command for native IPsec
> stack
> > support            [OK]
> >
> > Opportunistic Encryption DNS checks:
> >    Looking for TXT in forward dns zone: debian0
> >                  [MISSING]
> >    Does the machine have at least one non-private
> > address?              [FAILED]
> >
> > [GW A]#route
> > Destination     Passerelle      Genmask        
> Indic
> > Metric Ref    Use Iface
> > 192.168.100.0   172.16.1.1      255.255.255.0   UG
> > 0      0        0 eth0
> > 192.168.1.0     *               255.255.255.0   U
> > 0      0        0 eth1
> > 172.16.1.0      *               255.255.255.0   U
> > 0      0        0 eth0
> >
> >
> > [GW B]#route
> > Destination     Passerelle      Genmask        
> Indic
> > Metric Ref    Use Iface
> > 192.168.100.0   *               255.255.255.0   U
> > 0      0        0 eth1
> > 192.168.1.0     172.16.1.3      255.255.255.0   UG
> > 0      0        0 eth0
> > 172.16.1.0      *               255.255.255.0   U
> > 0      0        0 eth0
> > default         192.168.100.251 0.0.0.0         UG
> > 0      0        0 eth1
> >
> > --- Paul Wouters <paul at xelerance.com> a écrit :
> >
> > > On Thu, 15 Dec 2005, Tsitsi wrote:
> > >
> > > > I found in many documentation for Frees/Wan
> that
> > > you
> > > > must copy the file from GW A to GW B
> > >
> > > You often can, you do not have to.
> > >
> > > > 004 "site-to-site" #8: STATE_QUICK_I2: sent
> QI2,
> > > IPsec
> > > > SA established {ESP=>0x026f97ce <0xacc37e2a}
> > >
> > > Looks good.
> > >
> > > > That's working but i can't ping from network A
> to
> > > > network B
> > >
> > > what does 'ipsec verify' say?
> > >
> > > Paul
> > >
> >
> >
> >
> >
> >
> >
> >
>
___________________________________________________________________________
> > Nouveau : téléphonez moins cher avec Yahoo!
> Messenger. Appelez le monde entier à partir de 0,012
> €/minute !
> > Téléchargez sur http://fr.messenger.yahoo.com
> >
> 
> -- 
> 
> "Happiness is never grand"
> 
> 	--- Mustapha Mond, World Controller (Brave New
World)



	
	
		
___________________________________________________________________________ 
Nouveau : téléphonez moins cher avec Yahoo! Messenger. Appelez le monde entier à partir de 0,012 €/minute ! 
Téléchargez sur http://fr.messenger.yahoo.com

More information about the Users mailing list