[Openswan Users] Gateway to Static IP, no ping
Arnab Chowdry
achowdry at berkeley.edu
Fri Jun 17 15:22:22 CEST 2005
Hi all,
I am trying to set up a VPN where computers with static IP addresses can log
into a gateway computer to access a private network. I've been searching the
documentation and archives for days now without coming up with a solution,
so please forgive me if this is a naïve question. Here is my desired
topology:
(Client) 132.239.201.224 -->
[ Internet ] -->
(Gateway) 132.239.201.186(ext) 192.168.10.1(int) -->
192.168.10.0/24 (internal subnet)
Both systems are running SuSE 9.2 and my ipsec.conf file looks like:
# START /etc/ipsec.conf
version 2
config setup
interfaces="ipsec0=eth0"
klipsdebug=all
plutodebug=all
conn hades-pandemonium
left=132.239.201.186 # pandemonium
leftsubnet=192.168.10.0/24
leftnexthop=132.239.201.1
leftfirewall=yes
leftnexthop=132.239.201.1
leftfirewall=yes
leftrsasigkey=0sAQO...
right=132.239.201.224 # hades
rightnexthop=132.239.201.1
rightrsasigkey=0sAQO...
auto=add
# END /etc/ipsec.conf
When I connect, I use the command line from hades:
ipsec auto --verbose --up hades-pandemonium
And I get the normal success messages. The problem is, after I do this,
hades can't ping any of the hosts on the internal 192.168.10.0/24 subnet. I
know that hades and pandemonium can ping each other via the internet.
I've posted my ipsec barf file at http://leafnode.net/ipsec.barf.txt and I
hope someone could help me.
Thanks!
Arnab Chowdry
More information about the Users
mailing list