[Openswan Users] NET-TO-NET ROUTE OK BUT NO ENCRYPTION
Aaron Lewis
subspace_com at hotmail.com
Thu Feb 10 22:25:53 CET 2005
I am trying to set up a simple "test" net-to-net system for a dept.
proof-of-concept. Pings route across fine but there seems to be no
encryption occurring.
192.168.1.0/24===192.168.1.1---200.1.1.1...200.1.1.2---192.168.2.1===192.168.2.0/24
Arch: I am running Fedora Core 3 | 2.6 Kernel
Soft: Installed Openswan 2.3.0 from rpm
When running 'ipsec auto --up conn-name' I get ...
#32: STATE_QUICK_I1: initiate
#32: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=> 0x87174370 <0x4cb090c}
I validated the ipsec requirements with 'ipsec verify' and everything comes
out ok.
If I run a 'service ipsec status' I get the following output which indicates
no tunnel ...
IPsec running
pluto pid xxxxx
No tunnels up
ipsec.conf is set up as follows ...
Version 2.0

config setup
    interfaces="ipsec0=eth0"

conn conn-name
    type=tunnel
    authby=rsasig
    auth=esp
    auto=start
    left=192.168.1.1
    leftid=@leftfqdn
    leftsubnet=192.168.1.0/24
    leftnexthop=200.1.1.1
    leftrsasigkey=<very long key here>
    right=192.168.2.1
    rightid=@rightfqdn
    rightsubnet=192.168.2.0/24
    rightnexthop=200.1.1.2
    rightrsasigkey=<very long key here>

I verified my rsasigkeys against what is in the ipsec.secrets files.
Is there a routing table kept specifically for ipsec use and, if so, how can I
configure/use it?
Has anyone else had this issue?
Any help is greatly appreciated! Willing to provide additional info.
Regards,
Incompetent Openswan User