[Openswan Users] Openswan Cisco Interoperability

Paul Wouters paul at xelerance.com
Wed Aug 8 01:35:55 EDT 2007 

On Wed, 8 Aug 2007, Bholi Patra wrote:

> Just for the sake of completeness I did the following setup.
> Cisco in transport mode and openswan in tunnel mode.
>
> Still an ipsec connection comes up.
> Is it a cisco bug too?

If openswan initiated, yes?

I've added a testcase for such an attempt in openswan #testing, so
if this is a bug, we will see it happen in the next testrun.

Paul

> On 8/8/07, Paul Wouters <paul at xelerance.com> wrote:
> >
> > On Wed, 8 Aug 2007, Bholi Patra wrote:
> >
> > > Yes cisco is the responder..
> > > Is there some way I can stop an ipsec connection from coming up?
> >
> > If openswan is asking transport mode as the initiator, and cisco says "ok"
> > and then sets up tunnel mode, then I'd be tempted to say the issue here is
> > a cisco bug.
> >
> > Paul
> >
> > > Bholi.
> > >
> > > On 8/7/07, Paul Wouters <paul at xelerance.com> wrote:
> > > >
> > > > On Tue, 7 Aug 2007, Bholi Patra wrote:
> > > >
> > > > > I have a test setup consisting of a cisco router on one end and a
> > linux
> > > > > machine
> > > > > running openswan 2.4.9.
> > > > >
> > > > > The Cisco machine is configured to run in tunnel mode while openswan
> > is
> > > > > configured
> > > > > for transport mode. Both use 3des and md5 for encryption and hash.
> > > > >
> > > > > I see the following behaviour.
> > > > > An ipsec tunnel comes up and I'm able to send ping packets to and
> > from
> > > > cisco
> > > > > router.
> > > > >
> > > > > Is it an expected behaviour? Shouldnt ipsec connection fail since
> > the
> > > > end
> > > > > points are
> > > > > operating in different mode?
> > > >
> > > > Which machine is the responder? I have a feeling it will be the cisco
> > one,
> > > > because openswan should fail to setup such a tunnel.
> > > >
> > > > Paul
> > > >
> > > > --
> > > > Building and integrating Virtual Private Networks with Openswan:
> > > >
> > http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> > > >
> > >
> > >
> > >
> > >
> >
> > --
> > Building and integrating Virtual Private Networks with Openswan:
> > http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> >
>
>
>
>

-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

More information about the Users mailing list