[Openswan Users] VPN over ADSL
Necati Demir
necati at labristeknoloji.com
Mon Nov 21 18:37:59 CET 2005
Paul Wouters wrote:
>On Mon, 21 Nov 2005, Necati Demir wrote:
>
>
>
>>>>192.52.5.2 ===192.52.5.1(ADSL modem - a.b.c.d is external ip ) --------
>>>>e.f.g.h is dial-up === 192.168.0.0/24
>>>>
>>>>
>
>
>
>>#iptables -I INPUT -s IP_ADDR -j ACCEPT
>>#iptables -I OUTPUT -d IP_ADDR -j ACCEPT
>>
>>
>
>Your forwarding policies are also relevant. Hency my question to run
>'ipsec verify'
>
>
Ok, i am sending 'ipsec verify' outputs of each hosts.
[root at host2 root]# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan 2.4.3 (klips)
Checking for IPsec support in kernel [OK]
Checking for RSA private key (/etc/ipsec.secrets) [FAILED]
ipsec showhostkey: no default key in "/etc/ipsec.secrets"
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
----
[root at host1 root]# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan 2.4.3 (klips)
Checking for IPsec support in kernel [OK]
Checking for RSA private key (/etc/ipsec.secrets) [FAILED]
ipsec showhostkey: no default key in "/etc/ipsec.secrets"
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: necati.vcf
Type: text/x-vcard
Size: 272 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20051121/beff4913/necati-0001.vcf
More information about the Users
mailing list