[Openswan Users] Fedora 8 and Netscreen
Michael Lavallee
mlavalle at hotmail.com
Tue May 6 00:39:27 EDT 2008
Hi everyone,
I need a bit of help with a VPN I am setting up. I need to connect to
the company that I do work for, and they are using a Juniper Netscreen
device on their end. I am able to bring the tunnel up but I can't seem
to connect to the other end.
I'll post my configuration, maybe someone can point out what I have done
wrong!
When I type "ipsec --auto up myvpn" I get a success from what I can see:
...
004 "myvpn" #4: STATE_QUICK_I2: sent QI2, IPsec SA established
And this is my configuration:
conn myvpn
    auto=add
    authby=secret
    compress=no
    ike=aes256-sha1-modp1024
    esp=aes256-sha1
    pfs=yes
    left=209.105.205.212
    leftsubnet=192.168.3.1/32
    right=192.127.94.73
    rightsubnet=192.127.220.100/32
But when I run a traceroute on 192.127.220.100 I can see it going
through a bunch of hops, basically through the Internet just as if there
was no VPN. I check my route and I see:
192.127.220.100 *               255.255.255.255 UH    0      0        0 ppp0
nrba-dsl.onlink *               255.255.255.255 UH    0      0        0 ppp0
72.38.58.0      *               255.255.255.128 U     0      0        0 eth1
192.168.3.0     *               255.255.255.0   U     0      0        0 eth2
link-local      *               255.255.0.0     U     0      0        0 eth1
default         *               0.0.0.0         U     0      0        0 ppp0
Now I can see that the first line is the VPN, but I'm thinking things
aren't routing properly? I'm not sure where to look from here. My
ultimate goal is to be able to telnet to one of the two IP addresses
behind their firewall so I can do my work.
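
An IPsec tunnel only carries packets whose source and destination fall inside the leftsubnet/rightsubnet selectors that were negotiated. The following is an added example, not part of the original post: it parses the conn section quoted above and reports which source addresses that selector pair covers. The function names are hypothetical, and 192.168.3.50 is a constructed address on the 192.168.3.0/24 network seen in the routing table.

```python
import ipaddress

# conn section copied from the post (indentation restored).
CONF = """\
conn myvpn
    auto=add
    authby=secret
    compress=no
    ike=aes256-sha1-modp1024
    esp=aes256-sha1
    pfs=yes
    left=209.105.205.212
    leftsubnet=192.168.3.1/32
    right=192.127.94.73
    rightsubnet=192.127.220.100/32
"""

def parse_conn(text, name):
    """Return the key=value parameters of one conn section as a dict."""
    params, active = {}, False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        if not line[0].isspace():                 # section headers start in column 0
            active = line.split() == ["conn", name]
        elif active and "=" in line:
            key, value = line.strip().split("=", 1)
            params[key.strip()] = value.strip()
    return params

def selectors(params):
    """Local/remote selectors; with no subnet set, the endpoint itself (/32) is used."""
    local = ipaddress.ip_network(params.get("leftsubnet", params["left"] + "/32"), strict=False)
    remote = ipaddress.ip_network(params.get("rightsubnet", params["right"] + "/32"), strict=False)
    return local, remote

def is_protected(params, src, dst):
    """True if a packet src -> dst matches the tunnel's selector pair."""
    local, remote = selectors(params)
    return ipaddress.ip_address(src) in local and ipaddress.ip_address(dst) in remote

if __name__ == "__main__":
    conn = parse_conn(CONF, "myvpn")
    # Source addresses: leftsubnet host, left (public) address, constructed LAN host.
    for src in ("192.168.3.1", "209.105.205.212", "192.168.3.50"):
        print(src, "->", "192.127.220.100", "protected:", is_protected(conn, src, "192.127.220.100"))
```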