[Openswan Users] VPN tunnel established but could not transfer data for one roadwarrior setup and could transfer data for another roadwarrior setup

Mohamed Mydeen.A mohamedmydeen.a at jasmin-infotech.com
Mon Apr 7 04:25:19 EDT 2008


Hi Alex,

Thank you very much for your prompt reply.  I have not enabled NAT-T in
ipsec.conf.  Will it be the problem for my case?

I will enable it and then I will let you know the result.

Regards,

Mohamed Mydeen A

-----Original Message-----
From: Alex Crow [mailto:acrow at integrafin.co.uk] 
Sent: Monday, April 07, 2008 1:51 PM
To: Mohamed Mydeen.A
Cc: users at openswan.org
Subject: Re: [Openswan Users] VPN tunnel established but could not
transfer data for one roadwarrior setup and could transfer data for
another roadwarrior setup


> My_Laptop(openswan-2.4.10_running_here_in_Suse_Linux_10.1_as_Client)----Internet----MyOffice_Hardware_Firewall----My_Office_LAN
>
> 10.15.23.89                                    57.85.78.65                                    172.16.0.0/16
>
> I am trying to connect my laptop as a roadwarrior to my office LAN
> which is behind Hardware Firewall.  I am able to establish tunnel
> between my Laptop and to my office Firewall. After the tunnel is
> established, if I ping from my Laptop to any one of the PCs in my
> office LAN, I am not able to ping to that PC (In fact it is the case
> for every PC). Here the Internet Service Provider for my Laptop
> connection is giving Local IP address like 10.15.23.89.  This is the
> first scenario. I am giving here the ipsec.conf and ipsec.secrets for
> the first scenario
>
> Ipsec.conf file will be as follows:
>
> left=10.15.23.89                (Local IP Address assigned to my Laptop by one ISP)
> leftsubnet=10.15.23.89/32       (Subnet of my Laptop)
> right=57.85.78.65               (Public IP or WAN IP of my office Hardware firewall)
> rightsubnet=172.16.0.0/16       (Local Subnet of my office LAN)
> keyexchange=ike
> ike=3des-md5-modp1024
> auth=esp
> esp=3des-md5
> authby=secret


Do you have NAT traversal enabled? It doesn't seem so from this config.

Alex
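
The check Alex is asking about, written as an added example that is not part of the original thread: it flags any conn whose left and right addresses sit on opposite sides of a private/public boundary while `nat_traversal=yes` is absent from `config setup`. The `conn office` name, the sample file and the function names are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample: the parameters quoted in the thread inside a hypothetical
# "conn office" section; "config setup" has no nat_traversal line.
SAMPLE_CONF = """\
config setup
    interfaces=%defaultroute

conn office
    left=10.15.23.89
    leftsubnet=10.15.23.89/32
    right=57.85.78.65
    rightsubnet=172.16.0.0/16
"""

def parse_sections(text):
    """Return {"config setup": {...}, "conn NAME": {...}} from ipsec.conf text."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        header = re.match(r"(config|conn)\s+(\S+)$", line)
        if header:
            current = sections.setdefault(" ".join(header.groups()), {})
        elif current is not None and line[0] in " \t" and "=" in line:
            key, value = line.strip().split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return sections

def to_ip(value):
    """Parse a literal address; %any, %defaultroute or hostnames give None."""
    try:
        return ipaddress.ip_address(value)
    except ValueError:
        return None

def nat_t_findings(text):
    """List conns where one end is private, the other public, and NAT-T is off."""
    sections = parse_sections(text)
    nat_t = sections.get("config setup", {}).get("nat_traversal", "no").lower() == "yes"
    findings = []
    for name, params in sections.items():
        left, right = to_ip(params.get("left", "")), to_ip(params.get("right", ""))
        if not name.startswith("conn ") or left is None or right is None:
            continue
        if left.is_private != right.is_private and not nat_t:
            findings.append(f"{name}: {left} <-> {right} likely crosses NAT, nat_traversal is not 'yes'")
    return findings
```

Calling `nat_t_findings(SAMPLE_CONF)` reports the `office` conn; adding `nat_traversal=yes` under `config setup` clears the finding.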




