[Openswan Users] Configuration problem
webmaster at elnportal.it
Sat Dec 31 16:38:45 CET 2005
Hi to all,
I'm trying to configure a net-to-net connection with Openswan.
My network configuration is:
Side 1
10.0.0.0/24 (local subnet) --> GW1 (192.168.1.4) --> (192.168.1.1) ROUTER (PUBLIC IP)--> internet
Side 2
10.0.2.0/26 (local subnet) --> GW2 (192.168.1.2) --> (192.168.1.1) ROUTER (PUBLIC IP) --> internet
The two routers do NAT from the public IP to eth0 of GW1 or GW2 (192.168.1.4 for GW1 and 192.168.1.2 for GW2).
GW1 configuration

version 2.0

config setup
    nat_traversal=yes
    interfaces="ipsec0=eth0"
    plutodebug="all"

conn vpn
    left=192.168.1.4
    leftsubnet=10.0.0.0/24
    leftnexthop=192.168.1.1
    right=192.168.1.2
    rightsubnet=10.0.2.0/26
    rightnexthop=PUBLICIP_GW2
    authby=secret
    auto=start

include /etc/ipsec.d/examples/no_oe.conf

GW2 configuration

version 2.0

config setup
    nat_traversal=yes
    interfaces="ipsec0=eth0"
    plutodebug="all"

conn vpn
    left=192.168.1.2
    leftsubnet=10.0.2.0/26
    leftnexthop=192.168.1.1
    right=192.168.1.4
    rightsubnet=10.0.0.0/24
    rightnexthop=PUBLICIP_GW1
    auto=start
    authby=secret

include /etc/ipsec.d/examples/no_oe.conf

IPSEC BARF gives me this error:
"#1: ERROR: asynchronous network error report on eth0 (sport=500) for
message to 192.168.1.4 port 500, complainant 192.168.1.2: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]"
What can I do?
Thanks