[Openswan Users]
Gbenga
stjames08 at yahoo.co.uk
Tue Apr 25 04:09:17 CEST 2006
Greetings all,
I have been working more on my VPN issue and I am able to establish a connection now (at least from the colour and info from lsipsectool). However, I cannot ping nor pass any kind of traffic on the tunnel.
I did ipsec eroute and nothing showed up.
On the lsipsectool configuration page, I had to set the Private Address/Network Mask to the same value as the Remote Internal IP; otherwise, I could not establish a connection. I wonder why? I thought that should be the internal network address.
The following are the only messages coming into /var/log/messages:
Apr 25 03:01:13 aparo kernel: klips_debug:@ flags = 6 @key=0pcf81e620 key = 00000000->00000000 @mask=0p00000000
Apr 25 03:01:13 aparo kernel: klips_debug:@ flags = 6 @key=0pcf81e634 key = ffffffff->ffffffff @mask=0p00000000
Apr 25 03:01:13 aparo kernel: klips_debug: off = 0
Apr 25 03:01:13 aparo kernel: klips_debug:ipsec_eroute_get_info: buffer=0pccf14000, *start=0p00000000, offset=0, length=1024
Apr 25 03:01:13 aparo kernel: klips_debug:rj_walktree: for: rn=0pcf94b388 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000
Apr 25 03:01:13 aparo kernel: klips_debug:rj_walktree: processing leaves, rn=0pcf94b3b8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff
Apr 25 03:01:13 aparo kernel: klips_debug:rj_walktree: while: base=0p00000000 rn=0pcf94b388 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000
And this from the /var/log/auth.log:
Apr 25 03:01:13 aparo pluto[4416]: | inserting event EVENT_PENDING_PHASE2, timeout in 120 seconds
Apr 25 03:01:13 aparo pluto[4416]: | pending review: connection "syseng" was not up, skipped
Apr 25 03:01:13 aparo pluto[4416]: | next event EVENT_SHUNT_SCAN in 0 seconds
Apr 25 03:01:13 aparo pluto[4416]: |
Apr 25 03:01:13 aparo pluto[4416]: | *time to handle event
Apr 25 03:01:13 aparo pluto[4416]: | handling event EVENT_SHUNT_SCAN
Apr 25 03:01:13 aparo pluto[4416]: | event after this is EVENT_PENDING_PHASE2 in 120 seconds
Apr 25 03:01:13 aparo pluto[4416]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds
Apr 25 03:01:13 aparo pluto[4416]: | scanning for shunt eroutes
Apr 25 03:01:13 aparo pluto[4416]: | next event EVENT_SHUNT_SCAN in 120 seconds
lsipsectool icon is green: IPSec Tunnel Active [OK]
my ipsec.conf:
# Specify the version of Openswan we are running
version 2

# Global configuration section:
config setup
    nat_traversal=yes
    klipsdebug="all"
    plutodebug="all"
    interfaces="ipsec0=eth1"

# General connection section:
conn %default
    authby=secret
    #authby=secret|rsasig

# Systems Engineering vpn connection definition:
conn syseng
    left=10.10.1.57
    leftsubnet=10.10.0.0/16
    leftnexthop=193.95.xxx.xxx
    leftsourceip=10.10.1.57
    type=tunnel
    right=%any
    rightid=@gbenga
    rekey=no
    auto=add

conn block
    auto=ignore

conn private
    auto=ignore

conn private-or-clear
    auto=ignore

conn clear
    auto=ignore

conn packetdefault
    auto=ignore

include /etc/ipsec.d/examples/no_oe.conf
# virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!10.10.0.0/16
Network diagram:
10.10.0.0/16 <----------> Public GW [natting] <-----------> Roadwarrior
Many thanks,
Gbenga