[Openswan Users] Configuration problem

webmaster at elnportal.it webmaster at elnportal.it
Sat Dec 31 16:38:45 CET 2005


Hi to all,
I'm trying to configure a net-to-net connection with Openswan.

My network configuration is:

Side 1

10.0.0.0/24 (local subnet) --> GW1 (192.168.1.4) --> (192.168.1.1) ROUTER (PUBLIC IP) --> internet


Side 2

10.0.2.0/26 (local subnet) --> GW2 (192.168.1.2) --> (192.168.1.1) ROUTER (PUBLIC IP) --> internet


The two routers do NAT from the public IP to the eth0 of GW1 or GW2 (192.168.1.4 for GW1 and 192.168.1.2 for GW2).

GW1 configuration

version 2.0

config setup
        nat_traversal=yes
        interfaces="ipsec0=eth0"
        plutodebug="all"

conn vpn
        left=192.168.1.4
        leftsubnet=10.0.0.0/24
        leftnexthop=192.168.1.1
        right=192.168.1.2
        rightsubnet=10.0.2.0/26
        rightnexthop=PUBLICIP_GW2
        authby=secret
        auto=start

include /etc/ipsec.d/examples/no_oe.conf


GW2 configuration

version 2.0

config setup
        nat_traversal=yes
        interfaces="ipsec0=eth0"
        plutodebug="all"

conn vpn
        left=192.168.1.2
        leftsubnet=10.0.2.0/26
        leftnexthop=192.168.1.1
        right=192.168.1.4
        rightsubnet=10.0.0.0/24
        rightnexthop=PUBLICIP_GW1
        auto=start
        authby=secret

include /etc/ipsec.d/examples/no_oe.conf

IPSEC BARF gives me this error:
"#1: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.168.1.4 port 500, complainant 192.168.1.2: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]"

What can I do?

Thanks
