[Openswan Users] VPN over ADSL

Necati Demir necati at labristeknoloji.com
Sun Nov 20 18:20:22 CET 2005


Hi all,
I have two hosts, one of them uses dial-up and the other uses ADSL.

192.52.5.2 ===192.52.5.1(ADSL modem - a.b.c.d is external ip ) -------- 
e.f.g.h is dial-up === 192.168.0.0/24

I have two problems.
a.b.c.d can connect to e.f.g.h by using "ipsec auto --up connection", but 
e.f.g.h cannot connect to a.b.c.d. The Virtual Setting on the ADSL 
modem is OK. And although I can connect to a.b.c.d from the host that uses 
dial-up, I cannot ping 192.52.5.2.

And these are the config files, can anyone help me?

CONFIG FILE OF 192.52.5.2

# Openswan ipsec.conf for 192.52.5.2, the host behind the ADSL modem.
# NOTE(review): the virtual_private= line below starts at column 0, which looks
# like mail-client wrapping; in the real file it presumably has to be indented
# like the other "config setup" parameters - confirm against the original.
version 2.0

config setup
       # Use the interface that carries the default route for IPsec.
       interfaces=%defaultroute
       # NAT traversal: per the diagram in the post this host sits behind the
       # ADSL modem, so IKE/ESP must be UDP-encapsulated. For the remote side
       # to initiate, the modem also has to pass the IKE and NAT-T UDP ports
       # (normally 500 and 4500) through to 192.52.5.2.
       nat_traversal=yes
       # A new connection presenting an already-known peer ID does not replace
       # the older one. NOTE(review): with a dial-up peer whose address may
       # change, this can leave stale SAs next to new ones - confirm intent.
       uniqueids=no
       
       # Networks a NATed peer may claim as its own subnet; only consulted by
       # conns that use vhost:/vnet: in a subnet setting, which no conn in
       # this file does.
       # NOTE(review): 192.52.5.0/24 is this host's own leftsubnet; the usual
       # guidance is to exclude the local LAN (%v4:!192.52.5.0/24) rather than
       # allow it. 192.52.4.0/24 and 192.52.5.0/24 are also outside the
       # RFC 1918 private ranges.
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/24,%v4:192.52.4.0/24,%v4:192.52.5.0/24 

       # Full KLIPS and pluto debug logging. Fine while troubleshooting, but
       # very verbose: set both back to none afterwards and review the logs
       # before posting them anywhere public.
       # NOTE(review): check whether "all" includes pluto's private (key
       # material) debug class on the installed version.
       klipsdebug=all
       plutodebug=all

# Defaults inherited by every conn in this file.
conn %default
       # Give up after a single negotiation attempt instead of retrying.
       keyingtries=1
       # No IPComp compression.
       compress=no
       # Turns off the KLIPS tunnel-exit check that packets leaving a tunnel
       # carry plausible addresses. NOTE(review): that check is a security
       # control; drop this line unless there is a specific reason for it.
       disablearrivalcheck=yes
       # RSA signature authentication; both sides' public keys are taken from
       # the certificates named by leftcert=/rightcert= in each conn.
       authby=rsasig
       leftrsasigkey=%cert
       rightrsasigkey=%cert
       # NOTE(review): no ike=/esp= lines appear anywhere in this file, so the
       # algorithm proposals are whatever the installed (2005-era) version
       # defaults to - check them against current policy.
       keyexchange=ike

# Tunnel 192.52.5.0/24 (local) <-> 192.168.0.0/24 (behind e.f.g.h).
conn connection
       # Local end: the address on the default-route interface, i.e. this
       # host's private address behind the ADSL modem.
       left=%defaultroute
       leftsubnet=192.52.5.0/24
       # Local certificate and the pinned certificate expected from the peer.
       # NOTE(review): no leftid=/rightid= is set; presumably the IDs default
       # to the certificate subjects - confirm on this version.
       leftcert=host1.pem
       rightcert=host2.pem
       # Remote end is the dial-up host. NOTE(review): if its address is
       # assigned dynamically, a fixed right= stops matching after a redial.
       right=e.f.g.h
       rightsubnet=192.168.0.0/24
       # Loaded at startup but not initiated; it has to be brought up by hand
       # ("ipsec auto --up connection", as in the post) or by the peer.
       auto=add
       # Perfect forward secrecy for the IPsec SA keys.
       pfs=yes

# Every conn below is set to auto=ignore, so none of them is loaded. The
# names match Openswan's Opportunistic Encryption policy groups, i.e. this
# switches OE off.
conn block
       auto=ignore

conn private
       auto=ignore


conn private-or-clear
       auto=ignore

conn clear-or-private
       auto=ignore

conn clear
       auto=ignore

conn packetdefault
       auto=ignore

# NOTE(review): by its name this example file also disables OE, presumably
# with the same conn names as above; check that the duplicate definitions do
# not conflict and keep only one of the two.
include /etc/ipsec.d/examples/no_oe.conf



CONFIG FILE OF e.f.g.h
# Openswan ipsec.conf for e.f.g.h, the dial-up host in front of 192.168.0.0/24.
# NOTE(review): the virtual_private= line below starts at column 0, which looks
# like mail-client wrapping; in the real file it presumably has to be indented
# like the other "config setup" parameters - confirm against the original.
version 2.0

config setup
       # Use the interface that carries the default route for IPsec.
       interfaces=%defaultroute
       # NAT traversal: the peer (192.52.5.2) is behind the ADSL modem per the
       # diagram in the post, so IKE/ESP must be UDP-encapsulated.
       nat_traversal=yes
       # A new connection presenting an already-known peer ID does not replace
       # the older one - confirm this is intended.
       uniqueids=no
       
       # Networks a NATed peer may claim as its own subnet; only consulted by
       # conns that use vhost:/vnet: in a subnet setting, which no conn in
       # this file does.
       # NOTE(review): 192.168.0.0/24 is this host's own leftsubnet; the usual
       # guidance is to exclude the local LAN (%v4:!192.168.0.0/24) rather
       # than allow it. 192.52.4.0/24 and 192.52.5.0/24 are also outside the
       # RFC 1918 private ranges.
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/24,%v4:192.52.4.0/24,%v4:192.52.5.0/24 

       # Full KLIPS and pluto debug logging. Fine while troubleshooting, but
       # very verbose: set both back to none afterwards and review the logs
       # before posting them anywhere public.
       # NOTE(review): check whether "all" includes pluto's private (key
       # material) debug class on the installed version.
       klipsdebug=all
       plutodebug=all

# Defaults inherited by every conn in this file.
conn %default
       # Give up after a single negotiation attempt. NOTE(review): on a
       # dial-up link one lost exchange then ends the attempt - confirm.
       keyingtries=1
       # No IPComp compression.
       compress=no
       # Turns off the KLIPS tunnel-exit check that packets leaving a tunnel
       # carry plausible addresses. NOTE(review): that check is a security
       # control; drop this line unless there is a specific reason for it.
       disablearrivalcheck=yes
       # RSA signature authentication; both sides' public keys are taken from
       # the certificates named by leftcert=/rightcert= in each conn.
       authby=rsasig
       leftrsasigkey=%cert
       rightrsasigkey=%cert
       # NOTE(review): no ike=/esp= lines appear anywhere in this file, so the
       # algorithm proposals are whatever the installed (2005-era) version
       # defaults to - check them against current policy.
       keyexchange=ike


# Tunnel 192.168.0.0/24 (local) <-> 192.52.5.0/24 (behind a.b.c.d).
# The conn is called "roadwarrior" here and "connection" on the other host,
# so "ipsec auto --up" on this host must use "roadwarrior".
conn roadwarrior
       # Local end: the address on the default-route (dial-up) interface.
       left=%defaultroute
       leftcert=host2.pem
       # NOTE(review): the tunnel only covers 192.168.0.0/24 <-> 192.52.5.0/24.
       # Packets this host originates are presumably sourced from e.f.g.h,
       # which is outside leftsubnet, so a ping from here to 192.52.5.2 may
       # not enter the tunnel; leftsourceip= with an address of this host
       # inside 192.168.0.0/24 is the usual remedy - confirm.
       leftsubnet=192.168.0.0/24
       # a.b.c.d is the ADSL modem's external address; the real peer is
       # 192.52.5.2 behind it. Initiating from this side therefore depends on
       # the modem forwarding IKE and NAT-T UDP traffic to 192.52.5.2.
       right=a.b.c.d
       rightsubnet=192.52.5.0/24
       # Pinned certificate expected from the peer. NOTE(review): no rightid=
       # is set; presumably it defaults to the certificate subject - confirm.
       rightcert=host1.pem
       # Loaded at startup but not initiated automatically.
       auto=add
       # Perfect forward secrecy for the IPsec SA keys.
       pfs=yes

# Every conn below is set to auto=ignore, so none of them is loaded. The
# names match Openswan's Opportunistic Encryption policy groups, i.e. this
# switches OE off.
conn block
       auto=ignore

conn private
       auto=ignore

conn private-or-clear
       auto=ignore

conn clear-or-private
       auto=ignore

conn clear
       auto=ignore

conn packetdefault
       auto=ignore

# NOTE(review): by its name this example file also disables OE, presumably
# with the same conn names as above; check that the duplicate definitions do
# not conflict and keep only one of the two.
include /etc/ipsec.d/examples/no_oe.conf




