[Openswan Users] not quite there - ipsec SA proposal no working
Mads Rasmussen
mads at grupof.com.br
Mon Jan 24 18:59:03 CET 2005
Paul Wouters escreveu:
> Can you try openswan 2.3.0?
I'm using 2.2.0, would that be a problem?
Current config works, SSH sentinel tries to connect to
10.30.0.0/255.255.0.0 and ipsec.conf has "leftsubnet=10.30.0.0/16" in
the roadwarrior config, the real internal network routed by the gw is
also 10.30.0.0/255.255.0.0
Do I need to specify a virtual IP with SSH Sentinel? I cannot ping
anything even though the tunnel is established nicely.
Regards,
Mads
conn %default
authby=rsasig
left=pernambuco.dyndns.org
leftcert=pernambuco-gw.pem
rightrsasigkey=%cert
pfs=yes
auto=add
conn road
right=%any
leftsubnet=10.30.0.0/16
leftid="/C=BR/ST=Sao Paulo/O=Grupo F
Arquitetura/OU=TI/CN=pernambuco.dy\
ndns.org"
rightid="/C=BR/O=Grupo F Arquitetura/OU=TI/CN=remote at grupof.com.br"
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.7.2 - Release Date: 21/1/2005
More information about the Users
mailing list