[Openswan Users] Ping problem

huarito huaritex huarito at linuxmail.org
Wed Feb 7 11:09:38 EST 2007


Hi guys:

At this time I have installed:

- openswan-2.4.5-2.1
- Server A Linux FC6 with openswan, Public IP-A
- Server B Linux FC6 with openswan, Public IP-B
- Topology net-to-net, connecting two LAN subnets, as follows:

                                   IP-A                 IP-B
112.168.100.7/14 subnet-->[Server A]-->======INTERNET=====[Server B]<--- 10.0.0.17/26 subnet

My problems are:
a)
When I type:
#service ipsec status
IPsec running  - pluto pid: 4796
pluto pid 4796
1 tunnels up
#cat /var/log/secure
I see the following line:  #6: I did not send a certificate because I do not have one
How do I solve this?
b)
I cannot ping between the two subnets.
#ping 112.168.100.7
My iptables rules are:
/sbin/iptables -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 500 --dport 500 -j ACCEPT

/sbin/iptables -A INPUT -p udp --sport 50 --dport 50 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 50 --dport 50 -j ACCEPT

/sbin/iptables -A INPUT -p 50 -j ACCEPT
/sbin/iptables -A OUTPUT -p 50 -j ACCEPT

/sbin/iptables -A INPUT -p udp --sport 51 --dport 51 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 51 --dport 51 -j ACCEPT

/sbin/iptables -A INPUT -p udp --sport 4500 --dport 4500 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 4500 --dport 4500 -j ACCEPT


/sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
/sbin/iptables -A FORWARD -i eth0 -o eht1 -j ACCEPT

By default I am using the FC6 firewall, followed by my iptables rules shown above.

Regards
        Huarito
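
An added example, not part of the original post: a shell check that reads iptables rule lines and reports whether a chain accepts IKE (UDP 500), NAT-T (UDP 4500), ESP (IP protocol 50) and AH (IP protocol 51), flagging rules that use 50 or 51 as UDP port numbers. The function name audit_ipsec_rules is hypothetical, and the sample input is constructed from the INPUT rules in the post.

```shell
#!/bin/sh
# Added example: audit iptables rule lines for the traffic an IPsec
# tunnel needs. ESP and AH are IP protocols (50 and 51), not UDP ports.

# Constructed sample: the INPUT rules quoted in the post above.
SAMPLE_RULES='/sbin/iptables -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
/sbin/iptables -A INPUT -p udp --sport 50 --dport 50 -j ACCEPT
/sbin/iptables -A INPUT -p 50 -j ACCEPT
/sbin/iptables -A INPUT -p udp --sport 51 --dport 51 -j ACCEPT
/sbin/iptables -A INPUT -p udp --sport 4500 --dport 4500 -j ACCEPT'

# audit_ipsec_rules CHAIN
# Reads rule lines on stdin and prints one finding per line for CHAIN.
audit_ipsec_rules() {
    awk -v chain="$1" '
    {
        c = ""; proto = ""; dport = ""; target = ""
        # Pick out the option values we care about from each rule line.
        for (i = 1; i < NF; i++) {
            if ($i == "-A") c = $(i + 1)
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (c != chain || target != "ACCEPT") next
        key = proto "/" dport
        if (key == "udp/500") ike = 1
        if (key == "udp/4500") natt = 1
        if (proto == "50" || proto == "esp") esp = 1
        if (proto == "51" || proto == "ah") ah = 1
        # A UDP rule on port 50 or 51 does not match ESP or AH packets.
        if (key == "udp/50" || key == "udp/51") {
            printf "WARN udp/%s is a UDP port, not IP protocol %s\n", dport, dport
        }
    }
    END {
        printf "%s IKE udp/500\n", (ike ? "OK" : "MISSING")
        printf "%s NAT-T udp/4500\n", (natt ? "OK" : "MISSING")
        printf "%s ESP protocol 50\n", (esp ? "OK" : "MISSING")
        # AH only matters when the connection is configured to use AH.
        printf "%s AH protocol 51\n", (ah ? "OK" : "MISSING")
    }'
}

printf '%s\n' "$SAMPLE_RULES" | audit_ipsec_rules INPUT
```

The same function can be run over saved rule lines for the OUTPUT chain by passing OUTPUT as the argument.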
