[Openswan Users] Ipsec auto --up {tunnelname} hangs
Greg Scott
GregScott at InfraSupportEtc.com
Fri Jun 20 14:39:41 EDT 2008
> end up sharing a phase1 if you connect both tunnels to the same IP
> addresses on each end. Which might be part of your problem?
I just saw this after I sent my other long-winded email. The IP
Addresses on the LAN side are different but the Internet side is the
same for both. Here are relevant portions of the conn definitions.
# basic configuration
conn JanesvilleCheetah-Everywhere
type=tunnel
#
# Left security gateway, subnet behind it, next hop toward
right.
#
also=janesvillecheetah
leftupdown=/etc/ipsec.d/janesville.cheetah-updown.sh
#
# Right security gateway, subnet behind it, next hop toward
left.
#
also=hq
auto=start
conn JanesvillePNT-Everywhere
type=tunnel
#
# Left security gateway, subnet behind it, next hop toward
right.
#
also=janesvillepnt
leftupdown=/etc/ipsec.d/janesville.pnt-updown.sh
#
# Right security gateway, subnet behind it, next hop toward
left.
#
also=hq
auto=ignore
conn janesvillecheetah
left=nnn.mmm.79.74
leftnexthop=nnn.mmm.79.78
leftsubnet=172.21.2.0/24
leftsourceip=172.21.2.1
leftid=@janesvillecheetah.local
# RSA 2192 bits Janesville-fw Wed Apr 30 11:17:40 2008
leftrsasigkey=0sAQPXn8RAob3n5...
conn janesvillepnt
left=nnn.mmm.79.74
leftnexthop=nnn.mmm.79.78
leftsubnet=172.20.2.0/24
leftsourceip=172.20.2.254
leftid=@janesvillepnt.local
# RSA 2192 bits Janesville-fw Wed Apr 30 11:17:40 2008
leftrsasigkey=0sAQPXn8RAob3n5...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080620/11088a34/attachment.html
More information about the Users
mailing list