[Openswan Users] Windows XP (lsipsectool) - Debian connection Problem

Dharmesh Chauhan dharmesh.chauhan at yahoo.com
Thu Jul 26 10:12:22 EDT 2007


I am trying to set up a net-to-roadwarrior IPSEC connection between a Debian gateway and a Windows XP machine using lsipsectool (http://sourceforge.net/projects/lsipsectool/). I was able to establish the connection but could not get the desired pings.

However, after adding one routing table entry on the Windows XP machine I could get the desired results (details mentioned below).

ipsec.conf on debian gateway
=========================
version 2.0

config setup
        interfaces=%defaultroute
        nat_traversal=yes

conn %default
        keyingtries=1

conn nettwo
        left=10.10.136.90
        leftsubnet=192.168.1.0/24
        right=10.10.136.10
        rightsubnet=192.168.1.0/24
        authby=secret
        esp=3des-md5
        pfs=yes
        auto=start
    
LsipsecTool Settings
===================

Local Side of the tunnel:
    IPAddress: 10.10.136.44
    Local Address/Network Mask : 10.10.136.44 / 255.255.255.255

Remote Side of the tunnel
---------------------------------------
    VPN Gateway: 10.10.136.90
    Remote Internal IP: 10.10.136.90
    Private Address/Network Mask: 192.168.1.0 / 255.255.255.0

IPSec Options
---------------------

    Authentication method : Pre-shared key (yogesh)
    Proto/Encryption/Registry:  ESP   3DES  MD5
    IKE Duration 3500 Secs. 50000 KBytes



These configurations established the connection, but I could get the desired pings only after adding a routing table entry on the Windows XP side with the command

ROUTE   ADD   192.168.1.0   MASK 255.255.255.0    10.10.136.90


However, when I tried to establish a net-to-net connection with these changes:

ipsec.conf on debian gateway
=========================
version 2.0

config setup
        interfaces=%defaultroute
        nat_traversal=yes

conn %default
        keyingtries=1

conn nettwo
        left=10.10.136.90
        leftsubnet=192.168.1.0/24
        right=10.10.136.10
        rightsubnet=192.168.0.0/24
        authby=secret
        esp=3des-md5
        pfs=yes
        auto=start
    
LsipsecTool Settings
===================

Local Side of the tunnel:
    IPAddress: 10.10.136.44
    Local Address/Network Mask : 192.168.0.0 / 255.255.255.0

Remote Side of the tunnel
---------------------------------------
    VPN Gateway: 10.10.136.90
    Remote Internal IP: 10.10.136.90
    Private Address/Network Mask: 192.168.1.0 / 255.255.255.0

IPSec Options
---------------------

    Authentication method : Pre-shared key (yogesh)
    Proto/Encryption/Registry:  ESP   3DES  MD5
    IKE Duration 3500 Secs. 50000 KBytes
 
 
Here too the connection got established, but the desired pings are not obtained even after adding a routing table entry using

ROUTE   ADD   192.168.1.0   MASK 255.255.255.0    10.10.136.90

I also tried setting up the Windows XP machine as a router (http://www.haxial.com/faq/routerconfig/winxp/), but then also I couldn't get the desired pings.

Can anybody help me with these queries:

       Net-to-net VPN connection between Windows XP and Linux Openswan.
       Why is it required to add a routing table entry for the net-to-roadwarrior connection?
       Why does Windows XP not add any virtual connection for IPSEC (like ipsec0 in Linux) and the relevant routing table entries?


       
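An added example, not part of the original post: a small check that the gateway's conn and the client's tunnel settings describe the same tunnel, since the two peers must name the same pair of endpoints and protected networks, mirrored. The values are copied from the net-to-net attempt above; the key names in CLIENT are hypothetical labels for the LsipsecTool fields.

```python
import ipaddress

# Values copied from the net-to-net attempt in the post above.
GATEWAY_CONF = """\
conn nettwo
        left=10.10.136.90
        leftsubnet=192.168.1.0/24
        right=10.10.136.10
        rightsubnet=192.168.0.0/24
"""
# LsipsecTool fields under hypothetical key names.
CLIENT = {"ip": "10.10.136.44", "local": "192.168.0.0/255.255.255.0",
          "gateway": "10.10.136.90", "remote": "192.168.1.0/255.255.255.0"}

def parse_conn(text, name):
    """Return the key=value options of section 'conn <name>'."""
    opts, active = {}, False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        if not line[0].isspace():   # section headers start in column 0
            active = line.split() == ["conn", name]
        elif active and "=" in line:
            key, value = line.split("=", 1)
            opts[key.strip()] = value.strip()
    return opts

def check_selectors(conn, client):
    """List mismatches between the gateway conn (left = gateway) and the client."""
    net = ipaddress.ip_network
    left, right = net(conn["leftsubnet"]), net(conn["rightsubnet"])
    problems = []
    if left.overlaps(right):
        problems.append("leftsubnet overlaps rightsubnet")
    if conn["left"] != client["gateway"]:
        problems.append("left differs from the client's VPN gateway")
    if conn["right"] != client["ip"]:
        problems.append("right differs from the client's IP address")
    if left != net(client["remote"]):
        problems.append("leftsubnet differs from the client's remote network")
    if right != net(client["local"]):
        problems.append("rightsubnet differs from the client's local network")
    return problems

if __name__ == "__main__":
    for problem in check_selectors(parse_conn(GATEWAY_CONF, "nettwo"), CLIENT):
        print("mismatch:", problem)
```

Run against the roadwarrior settings from the first half of the post (rightsubnet=192.168.1.0/24, client local address 10.10.136.44 / 255.255.255.255), the same check also reports the overlapping subnets and the rightsubnet mismatch.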