[Openswan Users] Configuration Help

Josh jhcrowe at gmail.com
Thu Feb 8 12:41:45 EST 2007


Paul,

I implemented the conf suggestion and I am not showing any tunnels
up....when I run the following command:

ipsec auto --up systema-systemb

I get the following error: "no connection named systema-systemb"

yet when I look at the config file I specifically state:

conn systema-systemb

any thoughts?


sorry about the additional questions but I do appreciate your help.

Thanks,

Josh


On 2/8/07, Paul Wouters <paul at xelerance.com> wrote:
>
> On Thu, 8 Feb 2007, Josh wrote:
>
> > I think I have multiple problems here.  One of them being me.  After
> talking
> > to our network department they have stated that the setup is a 1 to 1
> NAT.
> > Unfortunately I provided the wrong address for System B since it is not
> on
> > the same network.  Its address is 100.100.109.3 as the public
> address.  So
> > my connection looks like this:
> >
> > SystemA (100.100.110.2) --->(100.100.109.3)NAT--->SystemB(192.168.1.3)
> >
> > So I am trying to find a good example online that would mimic this setup
> so
> > I could use their config file but I am confused when I so no explanation
> as
> > to what the following key words mean:
>
> on system a:
>
> in config setup:
> nat_traversal=yes
>
> in conn systema-systemb:
>
> left=100.100.110.2
> leftrsasigkey=
> right=192.168.1.3
> rightrsasigkey=
> auto=start
>
> on system b:
>
> in config setup:
> nat_traversal=yes
> virtual_private=%v4:100.100.110.0/24,%v4:!192.168.1.0/24
>
> in conn systema-systemb:
>
> left=192.168.1.3
> leftrsasigkey=
> right=%any
> rightrsasigkey=
> auto=add
>
> Values for the rsa keys can be obtained by running: ipsec showhostkey
> --left or
> ipsec showhostkey --right on those systems.
>
> Paul
> --
> Building and integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070208/ace1e20e/attachment-0001.html 


More information about the Users mailing list