[Openswan Users]
Server connection and peer-to-peer connection on the same machine
Alaa Dalghan
alaadalghan at hotmail.com
Sat Oct 22 22:49:55 CEST 2005
Hi everyone,
I have two gateway machines running Openswan 2.3.1.
I want to configure a tunnel between the two gateways, and at the same time,
enable each one of them to accept additional dynamic roadwarrior
connections. In other words, I need two connections on each machine, but I
can't figure out the right combination.
My ipsec.conf file on machine A is the following:
config setup
    interfaces="ipsec0=eth0"
    nat_traversal=yes

conn %default
    keyingtries=1
    compress=yes
    disablearrivalcheck=no
    authby=rsasig
    leftrsasigkey=%cert
    rightrsasigkey=%cert

conn accept-roadwarriors
    left=(ip of machine A)
    leftsubnet=0.0.0.0/0
    leftcert=jini.alaadin.com.pem (machine A certificate)
    right=%any
    auto=start
    pfs=yes

conn tunnel-to-machine-B
    left=(ip of machine A)
    leftcert=jini.alaadin.com.pem (machine A certificate)
    right=(ip of machine B)
    rightcert=jana.alaadin.com.pem (machine B certificate)
    auto=start
    pfs=yes

As for the first connection, everything is good: The machine is accepting
dynamic roadwarriors.
The problem is in the next connection, because when I try to ping B from A, I
get "resource temporarily unavailable".
Any help will be appreciated,
Alaadin