[Openswan Users] Tunnel up but no routing

tomk at runbox.com tomk at runbox.com
Fri Feb 4 16:39:23 CET 2005


> Gateway config:
> 
> version 2.0     # conforms to second version of ipsec.conf specification
> 
> config setup
>         interfaces=%defaultroute
>         klipsdebug=none
>         plutodebug=none
> 
> conn %default
>         keyingtries=0
>         disablearrivalcheck=no
>         left=%defaultroute
>         leftsubnet=192.168.130.0/24
> 
> conn n2n
>         authby=secret
>         right=%any
>         rightsubnet=192.168.0.0/24
>         pfs=yes
>         auto=add
> 
> #Disable Opportunistic Encryption
> include /etc/ipsec.d/examples/no_oe.conf
> 
> The other:
> 
> version 2.0     # conforms to second version of ipsec.conf specification
> 
> # basic configuration
> config setup
>         interfaces=%defaultroute
> 
> # Add connections here
> 
> conn n2n
>         auto=start
>         authby=secret
>         left=%defaultroute
>         leftsubnet=192.168.0.0/24
>         right=213.23.124.193
>         rightsubnet=192.168.130.0/24
>         pfs=yes
> 
> #Disable Opportunistic Encryption
> include /etc/ipsec.d/examples/no_oe.conf

The leftsubnet and rightsubnet parameters need to be the same at both ends of the tunnel, Joern - you have them swapped around i.e. the first machine has

         left=%defaultroute
         leftsubnet=192.168.130.0/24

         right=%any
         rightsubnet=192.168.0.0/24

and the second machine has

         left=%defaultroute
         leftsubnet=192.168.0.0/24

         right=213.23.124.193
         rightsubnet=192.168.130.0/24

Incidentally, it's probably not the best idea to post your public IP address to a public mailing list.


More information about the Users mailing list