[Openswan Users] problems with: could not start conn "tunnel"

Vida Luz Arista viaris at gmail.com
Tue Mar 28 16:41:34 CEST 2006


Hi All,

I have installed tpm openswan for Fedora Version 4. I need to establish a
VPN with a Cisco 800. The problem is that the VPN can't be established; the
error message on my Linux machine is: ipsec__plutorun: ...could not start conn
"tunnelipsec"

I don't have a firewall, so I don't have iptables rules. If I don't have a
firewall, do I need iptables rules? Is it necessary?

My configuration is:

ipsec.conf
=========

# /etc/ipsec.conf - Openswan IPsec configuration file
        #ike=            "3des-md5-modp768"

version 2.0

config setup
        interfaces="ipsec0=eth0"
        klipsdebug=none
        plutodebug=none
        forwardcontrol=yes

conn tunnelipsec
        type=tunnel
        left=165.98.224.82
        leftsubnet=172.16.1.0/24
        right= 165.98.236.214
        rightsubnet=172.16.26.0/24
        esp=3des-md5-96
        keyexchange=ike
        pfs=no
        authby=secret
        ikelifetime=7800
        compress=no
        auto=start

include /etc/ipsec.d/no_oe.conf

ipsec.secrets
=========

165.98.224.82 165.98.236.214: PSK "vp17226"



Configuration for the router is:



crypto isakmp policy 10
 encr 3des
 hash md5
 authentication pre-share
crypto isakmp key vp17226 address 165.98.224.82
!
!
crypto ipsec transform-set DICE esp-3des esp-sha-hmac
!
crypto map DICE 10 ipsec-isakmp
 set peer 165.98.224.82
 set transform-set DICE
 match address 100

interface Ethernet1
 description PRIVADA
 ip address 165.98.236.214 255.255.255.252
 duplex auto
 crypto map DICE



Can somebody help me? I need suggestions.



Thanks in advance.

Regards.