[Openswan Users] roadwarrior over pppoe

Peter McGill petermcgill at goco.net
Tue Aug 28 11:13:02 EDT 2007 

A cannot start the connection, because B's IP is not known/dynamic.
B must start the connection.
 
Change A's ipsec.conf auto=add to reflect this.
This will solve A's error, it will answer but not start.
 
Also your B's rightid does not match your A's rightid, this will cause problems, make them the same.
 
B is not getting a good internet connection setup, it can't find default route.
Before you try to start openswan on B, make sure the internet connection DSL PPPoE is up and running.
ifconfig should show an interface for the internet, probably ppp0.
route should show a default route:
ie) 0.0.0.0/0 gw ?.?.?.?
 
Peter McGill
 



  _____  

From: users-bounces at www.openswan.org [mailto:users-bounces at www.openswan.org] On Behalf Of Toni Cosma
Sent: August 28, 2007 10:22 AM
To: users at www.openswan.org
Subject: [Openswan Users] roadwarrior over pppoe


Hi all,
 
I try to make a roadwarrior tunnel
from A to B.
 
A has a static IP.
B has a DSL connection PPP-OE.
 
A ipsec.conf is:
 
conn A-B_rw
    left=xxx.yyy.zzz.vvvv
    leftnexthop=xxx.yyy.zzz.aaa
    leftsubnet=192.168.sss.0/24
     <mailto:leftid=@A-vpn.atp-exodus.ro> leftid=@A-vpn.atp-exodus.ro
    right=%any
     <mailto:rightid=@B-vpn.atp-exodus.ro> rightid=@B-vpn.atp-exodus.ro
    rightsubnet=192.168.ppp.0/24
    type=tunnel
    auth=esp
    authby=rsasig
    leftrsasigkey=0sA0....            
    rightrsasigkey=0sAq...    
    auto=start

B ipsec.conf is:
   
conn A-B_rw
    left=xxx.yyy.zzz.vvvv
    leftnexthop=xxx.yyy.zzz.aaa
    leftsubnet=192.168.sss.0/24

     <mailto:leftid=@A-vpn.atp-exodus.ro> leftid=@A-vpn.atp-exodus.ro
    right=%defaultroute
     <mailto:rightid=@cluj-vpn.atp-exodus.ro> rightid=@cluj-vpn.atp-exodus.ro
    rightsubnet=192.168.ppp.0/24
    type=tunnel
    auth=esp
    authby=rsasig
    leftrsasigkey=0sA0....            
    rightrsasigkey=0sAq...    
    auto=start

 
after "ipsec start" B syslog is:

Aug 28 17:06:21 B ipsec__plutorun: ipsec_auto: fatal error in "A-B_rw": %defaultroute requested but not known
Aug 28 17:06:21 B ipsec__plutorun: 021 no connection named "A-B_rw"
Aug 28 17:06:21 B ipsec__plutorun: ...could not route conn "A-B_rw"
Aug 28 17:06:21 B ipsec__plutorun: 021 no connection named "A-B_rw"
Aug 28 17:06:21 B ipsec__plutorun: ...could not start conn "A-B_rw"

and A error message after: ipsec auto --up A-B_rw is:
            "A-B_rw": cannot initiate connection without knowing peer IP address (kind=CK_TEMPLATE)
 
Thx for help.
 
Bye

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070828/a9a785b8/attachment.html

More information about the Users mailing list