[Openswan Users] Could use some help here openswan

Tue Apr 17 07:29:03 EDT 2007

On 4/17/07, TESTVPN R119LNXADM <testvpn.r119lnxadm at googlemail.com> wrote:
>
> Ipsec.conf
>
> conn net-to-net
>   left=172.16.12.33                # Public Internet IP address of the
>                                   # LEFT VPN device
>   leftsubnet= 255.255.255.0/24     # Subnet protected by the LEFT VPN
> device
>   leftid=@bbsvarel.local            # FQDN of Public Internet IP address
> of the
>                                   # LEFT VPN device with an "@"
>
> leftrsasigkey=0sAQPIo+CSrWZVWD/aFtRpl8Hbh6yWjEEkgHvZu8ORZuohxfOPAeVOpOSOUB2SIKE0tnNuwlaP8zPqVyvxPUncjjtDJFI6sBmicXTJiDnadUJp8onwm1kxKS6olRM+b4iFaiqr//ciZBygrysnG1sbYJce15gpXmecnbRFYqTQRdI8XFvL40SaNQwtdcOB3pIQqV4OF47unoUkHquL6Sh2ZQYOoqgtaP7++ozOJ6KTc1+J/xVeksRAH0LN+rZ0CsbUGqVabZk+/5QP5/s2uBBDdfFsnV/KX4q337xOptdYc1UcNGAFWkL6dAunoPKdik5zEx9NVZ0x5bv5bry3ANHMkOQgSYgE70M/Mh52zR5uMFEQhBRz
>
>   leftnexthop=%defaultroute       # correct in many situations
>   right=172.16.12.35               # Public Internet IP address of
>                                   # the RIGHT VPN device
>   rightsubnet=255.255.255.0/24    # Subnet protected by the RIGHT VPN
> device
>   rightid=@bbsvarel.local           # FQDN of Public Internet IP address
> of the
>                                   # RIGHT VPN device with an "@"
>
> rightrsasigkey=0sAQNxn7BLbjR56T666AjKY/rVr371HVunTJ/yDDafi0gRkg98gzeUXYTKpJyfZwfX/WzUP/C23nMPZpQWOYuFZNC5uPNLho/7VYU1TG2Rma5XqzZOp6XdhNkRviZp8C4DvbHrtGJIuAs6nItcpPLgcovZ3/y3KPxidfnlrckYlO4owUnbxRinyBHK2XylTVjYUx4w11/dJleM7GImiOZWIVu0SokyFhH4FyJ8wOoKrrP+mf90aWq9JVOXP4x+TQhpAxERG5qSZpSMUthB0Hr9gSfy1hk2NhbfRG+EUV5vI0oie0bBAvkfuWjbe370Zu/In1H6ETCi8+EezUndvoBRwESjV4LcnOtMMeDaPCqwsu0OXscz
>
>   rightnexthop=%defaultroute      # correct in many situations
>   auto=start                      # authorizes and starts this connection
>                                   # on booting
>
>
> Ipsec verify
>
> Checking your system to see if IPsec got installed and started correctly:
> Version check and ipsec on-path
> [OK]
> Linux Openswan U2.2.0/K2.6.8-2-386 (native)
> Checking for IPsec support in kernel
> [OK]
> Checking for RSA private key (/etc/ipsec.secrets)
> [OK]
> Checking that pluto is running
> [OK]
> Two or more interfaces found, checking IP forwarding
> [OK]
> Checking NAT and MASQUERADEing
> [N/A]
> Checking for 'ip' command
> [OK]
> Checking for 'iptables' command
> [OK]
> Checking for 'setkey' command for native IPsec stack support
> [OK]
>
> Opportunistic Encryption DNS checks:
>    Looking for TXT in forward dns zone: r119-lnx-e03
> [MISSING]
> 172.16.0.1 connect: Resource temporarily unavailable
> 172.16.0.1 connect: Resource temporarily unavailable
> r119-lnx-e03.bbsvarel.local TXT record not found, try again
>    Does the machine have at least one non-private address?
> [FAILED]
>
> Trying to get the connection running
>
> r119-lnx-e03:~# ipsec auto --up net-to-net
>
> 022 "net-to-net": We cannot identify ourselves with either end of this
> connection.
>
> I'am really getting fed up with openswan at the moment. Probably my thing.
>
> Thanks in advance,
>
> Tjeard
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070417/9d2c26d5/attachment.html