[Openswan Users] Remote SSH dropped when IPSEC started

David Wilson dave at dcdata.co.za
Wed Nov 30 12:28:01 CET 2005 

Weird - my subject got trimmed ?

Kind regards

David Wilson
CNS, CLS, Linux+
T: 0860-1-LINUX
F: 0866878971
M: 0824147413
E: support at dcdata.co.za
W: http://www.dcdata.co.za

----- Original Message ----- 
From: "David Wilson" <dave at dcdata.co.za>
To: <users at openswan.org>
Cc: <matt at dcdata.co.za>
Sent: Wednesday, November 30, 2005 11:39 AM
Subject: [Openswan Users]


> Hi guys,
>
> I have a network here in South Africa that needs to connect to a network 
> in Germany via IPSEC using a preshared secret key.
> We are trying to use a Suse Linux server with OpenSWAN here in South 
> Africa to establish the connection to Germany so that the LANS may 
> communicate with each other.
>
> The Internal LAN range here in S.A is 192.168.0.0/24.
> The Internal LAN range in Germany is 129.50.0.0/16.
> Our public IP on our Linux server is 196.12.241.21.
> The public IP on the gateway we need to connect to is 81.79.160.12
>
> My problem is that when I run a (/etc/init.d/ipsec start), which I guess 
> does something along the lines of (ipsec auto --up net-to-net), my remote 
> SSH session to the server stops. Once this has happened, then I cannot get 
> back into the server. My just connection times out, I can't even ping the 
> Linux server.
> I'm guessing that as soon as the IPSEC VPN initializes it changes my 
> normal IP default route/gateway ?
> Any ideas on what could be causing this ?
>
> My entire /etc/ipsec.conf looks like this:
> version 2.0
> conn net-to-net
>        authby=secret
>        left=81.79.160.12
>        leftsubnet=129.50.0.0/16
>        leftnexthop=%defaultroute
>        right=196.12.241.21
>        rightsubnet=192.168.0.0/24
>        rightnexthop=81.79.160.12
>        auto=start
>
> Unfortunately my knowlege of IPSEC is dangerous I'm sure I've got 
> something wrong somewhere.
> Any assistance or input would be greatly appreciated.
>
> Thanks in advance !
>
>
> Kind regards
>
> David Wilson
> CNS, CLS, Linux+
> T: 0860-1-LINUX
> F: 0866878971
> M: 0824147413
> E: support at dcdata.co.za
> W: http://www.dcdata.co.za
>
> -- 
> This email and all contents are subject to the following disclaimer:
> http://www.dcdata.co.za/emaildisclaimer.html
>
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users 


-- 
This email and all contents are subject to the following disclaimer:
http://www.dcdata.co.za/emaildisclaimer.html

More information about the Users mailing list