[Openswan Users] openswan ipsec VPN
Paul Wouters
paul at xelerance.com
Mon Oct 31 03:58:20 CET 2005
On Sat, 29 Oct 2005, Nick Woolley wrote:
> conn <name>
> type=transport
> left=10.0.0.99
> leftnexthop=10.0.0.2
> leftcert=<name>.pem
> leftid=%any
> leftprotoport=17/1701
> right=%any
> rightid=%any
> rightprotoport=17/1701
> pfs=no
> auto=add
Does this connection load at all? I thought openswan did not like having
right=%any and type=transport in the same code (and the work around was to
leave out type=transport and it would still work with transport mode).
> It works fine locally, but I get nothing at all when it connects over the
> internet. The connection times out on Windows and gives error 792
> (timeout). I also get absolutely nothing when I do a "tcpdump -n -i eth0
> not port 22", which suggests the packets just aren't going anywhere, but I
> have no idea why. Do I need to get VPN pass through routers at both ends of
> the tunnel? IS that what is stopping the connection getting started?
>
> Any thoughts or suggestions anyone may have would be great as I am really at
> a loss.
Check the logs and tell us what it says.
Paul
More information about the Users
mailing list