[Openswan Users] Subnets conmunication?
IT Dept.
it at technovation.com.sv
Tue Jun 5 13:59:32 EDT 2007
Hi again...
Thanks for the your help....i cant get communication yet.
Here is my last conf...im only using two branches to make it more
simple...
# /etc/ipsec.conf - Openswan IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.15.2.2 2005/11/14 20:10:27 paul Exp $
# This file: /usr/share/doc/openswan/ipsec.conf-sample
#
# Manual: ipsec.conf.5
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
forwardcontrol=yes
nat_traversal=yes
# plutodebug / klipsdebug = "all", "none" or a combation from below:
# "raw crypt parsing emitting control klips pfkey natt x509 private"
# eg:
# plutodebug="control parsing"
#
# Only enable klipsdebug=all if you are a developer
#
# NAT-TRAVERSAL support, see README.NAT-Traversal
# nat_traversal=yes
# virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%4:172.16.0.0/12
#Disable Opportunistic Encryption
include /etc/ipsec.d/examples/no_oe.conf
conn branch_40
also=branch_40_shared
rightsubnet=192.168.40.0/24
auto=start
conn centralbw_50
also=centralbw_50_shared
rightsubnet=192.168.50.0/24
auto=add
conn branch_40_to_centralbw_50
also=branch_40_shared
leftsubnet=192.168.50.0/24
rightsubnet=192.168.40.0/24
auto=start
conn centralbw_50_to_branch_40
also=centralbw_50_shared
leftsubnet=192.168.40.0/24
rightsubnet=192.168.50.0/24
auto=add
conn branch_40_shared
authby=secret
compress=no
ikelifetime=240m
keyexchange=ike
keylife=60m
left=208.70.149.161
leftnexthop=208.70.149.166
pfs=yes
right=190.53.0.113
rightnexthop=190.53.0.1
conn centralbw_50_shared
authby=secret
compress=no
ikelifetime=240m
keyexchange=ike
keylife=60m
left=208.70.149.161
leftnexthop=208.70.149.166
pfs=yes
right=%any
in auth.log I get that conn branch_40_shared starts fine, but I need to
manually start conn centralbw_50_shared from the linksys router, and them
the conn´s between dosent start...
Can u help me pls....
Regards
Hector
More information about the Users
mailing list