[Openswan Users] net 2 net connection

Paul Wouters paul at xelerance.com
Tue Sep 13 17:13:29 CEST 2005


On Tue, 13 Sep 2005, William Man wrote:

> This is the first time I'm posting so apologies if I make any mistakes.
> I am looking to make an ipsec connection between 2 sites, both running
> Linux, below are some details
> Site_1. External IP 20.0.0.1. Subnet 192.168.1.0/24
> Site_2. External IP 10.0.0.1. Subnet 192.168.3.0/24
> Site_1 is using red hat 9, using "Linux Openswan Ucvs2002Mar11_19:19:03/K"
> Site_2 is using fedora core 3, using "Linux Openswan U2.3.1/K"

> When site_2 starts up ipsec, the whole of site_2 subnet goes down. Internet
> is lost.
> Similar happens to site_1, Internet is lost.
> I think there is some kind of routing error, but I'm not sure.
> The firewall is iptables, and allows accept for 4500, 500, and ipsec
> protocols.
> Below is the log of site_2.secure

It looks like you did not disable OE.
On the openswan-2.3.1 side add an "include /etc/ipsec.d/examples/no_oe.conf".
On the RH9 side you might need something similar, but the no_oe.conf might
not be part of that install. Either copy the file or contents to the other
machine for inclusion.

Paul
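
Added example (not part of the original message): an /etc/ipsec.conf fragment for the two sites described in the question, with Opportunistic Encryption disabled both ways the reply mentions. The conn name `site1-site2` and `authby=secret` are assumptions, since the thread does not say how the peers authenticate; the `auto=ignore` stanzas mirror what Openswan 2.x ships in no_oe.conf.

```conf
# /etc/ipsec.conf (same conn on both gateways; left/right are fixed roles)
version 2.0

# Hypothetical conn name. Addresses and subnets are the ones from the question.
conn site1-site2
    left=20.0.0.1
    leftsubnet=192.168.1.0/24
    right=10.0.0.1
    rightsubnet=192.168.3.0/24
    # Assumption: pre-shared key stored in /etc/ipsec.secrets
    authby=secret
    auto=start

# Option A (openswan-2.3.1 side): pull in the shipped file.
include /etc/ipsec.d/examples/no_oe.conf

# Option B (host without no_oe.conf): use these stanzas INSTEAD of the
# include line above. Each one overrides an implicit OE policy-group conn
# so it is never loaded or routed.
#
# conn block
#     auto=ignore
# conn private
#     auto=ignore
# conn private-or-clear
#     auto=ignore
# conn clear-or-private
#     auto=ignore
# conn clear
#     auto=ignore
# conn packetdefault
#     auto=ignore
```

After restarting ipsec, `ipsec auto --status` should list only the explicitly configured conn and none of the OE policy-group conns.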

