[Openswan Users] transport works, tunnel doesn't

sd sdzf osceoladad at yahoo.com
Fri Sep 5 16:01:08 EDT 2008 

Hello,
 
I'm running 2 servers in different locations, Centos 5.2 with openswan-2.6.14-1.
 
I setup the configuration for IPSEC between the 2 servers and that works fine. The configuration to connect also the subnet is not working.
 
The /etc/ipsec.conf file has the following config:
 
# /etc/ipsec.conf - Openswan IPsec configuration file
#
# Manual:     ipsec.conf.5
#
# Please place your own config files in /etc/ipsec.d/ ending in .conf
version 2.0     # conforms to second version of ipsec.conf specification
# basic configuration
config setup

        interfaces=%defaultroute
        # Debug-logging controls:  "none" for (almost) none, "all" for lots.
        # klipsdebug=none
        # plutodebug="control parsing"
        # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
        protostack=netkey
        nat_traversal=yes
include /etc/ipsec.d/*.conf

The connection configuration file:
 
conn test
        type=tunnel
        right=right-public-ip
        rightsubnet=10.0.0.0/24
#     rightrsasigkey=0sAQNe0OynsdPx/DXDJJTP4IOAVQPprpp5VBbm+iIRBNeCQKzFzn8Z/BVZhWV5g6AgGepqK9ldFHAg6A0X6eT5atZOKsS2r1gLtExKcE++zuiTBIbTA6hbVTOBasDuZ/GU2TVRoBf9VmuunOFctGoL79b0Z1w8hS6KJDyt7Gp5nEK+fP9qQeqloxiw7b+hZBu96ZF6kYocF2MrpNCqbwJm8XBl8YGQSYP8tjBmAzO4quJW5MkKoB+olGpKcEoI+NQW2gh3rpim/9y5w6B68aAngAQpgFpXaZLl9azbm4PijSbROsue095I6vDukj
        left=my-public-ip
        leftsubnet=10.18.1.0/28
#        leftrsasigkey=0sAQN6fKakRwgQb3ciBP868KRMlMDBCeub8oxgdwXyJw2hrGHzk13krtkjj32TRh/AeITCNIIUIaJe5mEE2TC3K4cnr8gQgi4GoYNutVFMdNz4ydelJTTUw0wowwGN1OkcsW1YCrwJIKlzV0ciHbVLDHkrwWZMn2UXCRDcp+uYBCDG/hMXf5WYKuM7IrbQVR1V6SSiZbgOIoNC6PaxoZTyhoMplwwGbFpDIkPamUBiXXFEHgDv/pUfRs6ZcqQtflBFB0xtBkUp7dZ4giAj44jjkHBmLezRtPO8UKbSyTP7135WAdtjkVBNIc7h

        esp=3des
        authby=secret
        keyexchange=ike
        pfs=no
        auto=start

 
As you can see, I tryed using RSA and also PSK key.
If I'm comenting the leftsubnet and rightsubnet everything works fine. But I'm not able to connect the subnets.
 
Any help?
 
Respectfully,
Rudolf Barkoczi


      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080905/29364236/attachment.html

More information about the Users mailing list