[Openswan Users] openswan ipsec VPN

Paul Wouters paul at xelerance.com
Mon Oct 31 03:58:20 CET 2005


On Sat, 29 Oct 2005, Nick Woolley wrote:

> conn <name>
>         type=transport
>         left=10.0.0.99
>         leftnexthop=10.0.0.2
>         leftcert=<name>.pem
>         leftid=%any
>         leftprotoport=17/1701
>         right=%any
>         rightid=%any
>         rightprotoport=17/1701
>         pfs=no
>         auto=add

Does this connection load at all? I thought openswan did not like having
right=%any and type=transport in the same code (and the work around was to
leave out type=transport and it would still work with transport mode).

> It works fine locally, but I get nothing at all when it connects over the
> internet.  The connection times out on Windows and gives error 792
> (timeout).  I also get absolutely nothing when I do a "tcpdump -n -i eth0
> not port 22", which suggests the packets just aren't going anywhere, but I
> have no idea why.  Do I need to get VPN pass through routers at both ends of
> the tunnel?  IS that what is stopping the connection getting started?
>
> Any thoughts or suggestions anyone may have would be great as I am really at
> a loss.

Check the logs and tell us what it says.

Paul


More information about the Users mailing list