[Openswan Users] OpenSwan Connection Problems
Bradish, Simon
simon.bradish at accuris-networks.com
Wed Feb 28 05:03:12 EST 2007
Hi
Very very new to OpenSwan and IPSec so please forgive any newbie errors.
I have some problems with the following setup...
10.2.2.0/24 >---< 10.2.2.1 :OpenSwan GW #1: External IP Address NATed to 10.248.1.193 >---->>>
(Left)
INTERNET
(Right)
<<<----< External IP Address NATed to 10.30.1.217 :OpenSwan Gw #2: 10.248.49.246 >---< 10.248.49.0/24
Right config file as follows:
nat_traversal=yes
conn test
    # Remote machine
    left=OpenSwan GW #2 External IP Address
    leftid=@fmcgw
    # Remote subnet we are to access
    leftsubnet=10.2.2.0/24
    # Remote machine's key
    leftrsasigkey=
    # This machine
    right=10.30.1.217
    rightid=@six
    # Subnet we wish the far side to access
    rightsubnet=10.248.49.0/24
    # This machine's key
    rightrsasigkey=
    auto=add
Left config file as follows:
nat_traversal=yes
conn test
    # This machine
    left=10.248.1.193
    leftid=@fmcgw
    # Subnet we wish the far side to access
    leftsubnet=10.2.2.0/24
    # This machine's key
    leftrsasigkey=
    # Remote machine
    right= OpenSwan GW #1 External IP Address
    rightid=@six
    # Remote subnet we are to access
    rightsubnet=10.248.49.0/24
    # Remote machine's key
    rightrsasigkey=
    auto=add
I bring up the conn and all connects well; NATs are detected.
However, nothing will go down the IPSec connection.
The strange thing is that if I change the config files such that the left subnet is 10.248.1.0/24, I can then ping 10.248.49.X from 10.2.2.X.
I cannot, however, ping back the other way.
Any ideas / problems ...?
Help much appreciated.
Simon
________________________________________________________________
Simon Bradish
Software Engineer
Accuris Networks Ltd.
O'Connell Bridge House, D'Olier St., Dublin 2
Ph: +353-1-881-8761, Fax: +353-1-881-8701
http://www.accuris-networks.com/