[Openswan Users] openswan ignoring ike requests
Stefan Bosnjakovic
s.bosnjakovic at safecomms.com
Thu Sep 29 14:19:13 CEST 2005
Hi List,
I'm getting slightly desperate with Openswan.
I installed openswan-2.4.0 on a linux-2.4.31-kernel with nat-t-patch
running an iptables-fw and try to connect my Win2k notebook to it.
I tried both native win2k-ipsec and a commercial ipsec-client, both work
with other destinations, but it seems hopeless with linux.
I can see the ike-requests from win2k beeing accepted by iptable, but they
seem to end up in nirvana, as I get not log message by either klips or
pluto, simply nothing. I defined klipsdebug=all and plutodebug=all.
I tried to build ipsec both as a module and compile it statically into the
kernel, I tried both PSK and RSA certificats - no luck. I stil get no log
entries of the incoming ike packet ...
I tried all the guidelines I could find on wiki.opwenswan.org - seems
hopeless.
I also opened UDP 500 and 4500 and IP 50 and 51 on the external interface,
defined "ipsec0=eth0" in ipsec.conf and tried to declare ipsec0 and eth0
as external interfaces in iptables ...
"ipsec very" declares everything to be ok :-(
Anybody any ideas for further investigation?
any thanx in advance -
Cheers, Stefan!
More information about the Users
mailing list