[Openswan Users] max of two tunnels sharing same phase 1?
Elvar
elvar at elvar.org
Tue Aug 5 14:09:47 EDT 2008
Hello,
I'm trying to connect my linux firewall box to my work's Fortinet VPN
concentrator using Openswan and while I can get two of the three tunnels
to work fine, I can never get more than two working. If I change the
order or only use two, any of them will work, so I know they are all
good individually. When I try and use more than two, the traffic on the
way back seems to get lost. How do I make it so that all three of those
tunnels work at the same time? Anyone have any idea why only two at a
time will work? My config is below...
conn test1
left=72.14.207.99
leftsubnet=172.16.30.0/24
leftsourceip=172.16.30.1
right=206.190.60.37
rightsubnet=172.25.7.0/24
#auth=esp
#auto=start
authby=secret
#specify encryption FortiGate VPN uses
#esp=des-md5
ike=3des-sha1-1024
esp=3des-md5
#perfect forward secrecy (default yes)
#pfs=no
#optionally enable compression
compress=yes
auto=start
conn test2
left=72.14.207.99
leftsubnet=172.16.30.0/24
leftsourceip=172.16.30.1
right=206.190.60.37
rightsubnet=192.168.0.0/16
#auth=esp
#auto=start
authby=secret
#specify encryption FortiGate VPN uses
#esp=des-md5
ike=3des-sha1-1024
esp=3des-md5
#perfect forward secrecy (default yes)
#pfs=no
#optionally enable compression
compress=yes
auto=start
conn test3
left=72.14.207.99
leftsubnet=172.16.30.0/24
leftsourceip=172.16.30.1
right=206.190.60.37
rightsubnet=172.15.1.0/24
#auth=esp
#auto=start
authby=secret
#specify encryption FortiGate VPN uses
#esp=des-md5
ike=3des-sha1-1024
esp=3des-md5
#perfect forward secrecy (default yes)
#pfs=no
#optionally enable compression
compress=yes
auto=start
Kind regards,
Elvar
More information about the Users
mailing list