[Openswan Users] net 2 net connection

William Man williamman at visualrock.co.uk
Wed Sep 14 10:31:51 CEST 2005


Doh, Ah yes.  I did infact add this line, copied from some tutorial site.
However, they added the '#' char in the front, which i didn't realize meant
that it is commented out.

At least ipsec is starting up now, now need to see if i can connect

Thanks!

William


----- Original Message ----- 
From: "Paul Wouters" <paul at xelerance.com>
To: "William Man" <williamman at visualrock.co.uk>
Cc: <users at openswan.org>
Sent: Tuesday, September 13, 2005 3:13 PM
Subject: Re: [Openswan Users] net 2 net connection


> On Tue, 13 Sep 2005, William Man wrote:
>
> > This is the first time i'm posting so apologies if i make any mistakes.
> > I am looking to make an ipsec connection between 2 sites, both running
> > Linux, below are some details
> > Site_1. External IP 20.0.0.1. Subnet 192.168.1.0/24
> > Site_2. External IP 10.0.0.1. Subnet 192.168.3.0/24
> > Site_1 is using red hat 9, using "Linux Openswan
Ucvs2002Mar11_19:19:03/K"
> > Site_2 is using fedora core 3, using "Linux Openswan U2.3.1/K"
>
> > when site_2 starts up ipsec, the whole of site_2 subnet goes down.
Internet
> > is lost.
> > similar happens to site_1, intenet is lost.
> > I think there is some kind of routing error, but I'm not sure.
> > The firewall is iptables, and allows accept for 4500, 500, and ipsec
> > protocols.
> > Below is the log of site_2.secure
>
> It looks like you did not disable OE.
> On the openswan-2.3.1 side add an "include
/etc/ipsec.d/examples/no_oe.conf
> On the RH9 side you might need something similar, but the no_oe.conf might
> not be part of that install. Either copy the file or contents to the other
> machine for inclusion.
>
> Paul
> ________________________________________________________________
> This email has been scanned by ClamAV, and should be virus free.
>

________________________________________________________________
This email has been scanned by ClamAV, and should be virus free.


More information about the Users mailing list