[Openswan Users] No Traffic with ipsec
James
james at nttmcl.com
Thu Jun 7 13:27:57 EDT 2007
Before you say anything, I already went over the wiki about this.
Firewalls are all open and it should be working, but I dunno why.
I can get a perfect VPN connection with Windows and L2TP.
I can establish an SA:
"roadwarrior"[2] 75.52.246.141 #4: STATE_QUICK_R2: IPsec SA established
{ESP=>0x74c1f0d7 <0xcabb09e3 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
So that's up, but when I ping nothing happens. The VPN server isn't even
getting the requests.
I did a tcpdump on the client side and it's not getting any ARP
responses from anywhere.
It just keeps saying:
ARP "who has "pinged-host" tell "vpn-client""
Do I need to do something with the routing tables on the server or
client or something?
These computers are both not behind any NATs.
It should be a direct connection over the internet from one interface to
the other.
Below are the config files for Server and Client:
Server conf:
conn roadwarrior
    authby=rsasig
    leftrsasigkey=%cert
    left=%defaultroute
    leftcert=/etc/ipsec.d/certs/vpnserver.pem
    leftsubnet=0.0.0.0/0
    rightrsasigkey=%cert
    right=%any
    rightsubnet=vhost:%no,%priv
    auto=add
    pfs=yes
    keyingtries=1
Client conf:
conn roadwarrior
    authby=rsasig
    leftrsasigkey=%cert
    left=%defaultroute
    leftcert=/etc/ipsec.d/certs/vpnclient.pem
    rightrsasigkey=%cert
    right=xxx.xxx.xxx.195
    rightsubnet=0.0.0.0/0
    rightcert=/etc/ipsec.d/certs/vpnserver.pem
    auto=add
    pfs=yes
    keyingtries=1
TIA