[Openswan Users] transport works, tunnel doesnt
Rudolf Barkoczi
rudolfbarkoczi at yahoo.com
Tue Sep 9 09:48:47 EDT 2008
Hello,
I'm running 2 servers in different locations, CentOS 5.2 with openswan-2.6.14-1.
I set up the configuration for IPSEC between the 2 servers and that works fine. The configuration to also connect the subnet is not working.
The /etc/ipsec.conf file has the following config:
# /etc/ipsec.conf - Openswan IPsec configuration file
#
# Manual: ipsec.conf.5
#
# Please place your own config files in /etc/ipsec.d/ ending in .conf
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
	interfaces=%defaultroute
	# Debug-logging controls: "none" for (almost) none, "all" for lots.
	# klipsdebug=none
	# plutodebug="control parsing"
	# For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
	protostack=netkey
	nat_traversal=yes

include /etc/ipsec.d/*.conf
The connection configuration file:
conn test
	type=tunnel
	right=right-public-ip
	rightsubnet=10.0.0.0/24
	# rightrsasigkey=0sAQNe0OynsdPx/DXDJJTP4IOAVQPprpp5VBbm+iIRBNeCQKzFzn8Z/BVZhWV5g6AgGepqK9ldFHAg6A0X6eT5atZOKsS2r1gLtExKcE++zuiTBIbTA6hbVTOBasDuZ/GU2TVRoBf9VmuunOFctGoL79b0Z1w8hS6KJDyt7Gp5nEK+fP9qQeqloxiw7b+hZBu96ZF6kYocF2MrpNCqbwJm8XBl8YGQSYP8tjBmAzO4quJW5MkKoB+olGpKcEoI+NQW2gh3rpim/9y5w6B68aAngAQpgFpXaZLl9azbm4PijSbROsue095I6vDukj
	left=my-public-ip
	leftsubnet=10.18.1.0/28
	# leftrsasigkey=0sAQN6fKakRwgQb3ciBP868KRMlMDBCeub8oxgdwXyJw2hrGHzk13krtkjj32TRh/AeITCNIIUIaJe5mEE2TC3K4cnr8gQgi4GoYNutVFMdNz4ydelJTTUw0wowwGN1OkcsW1YCrwJIKlzV0ciHbVLDHkrwWZMn2UXCRDcp+uYBCDG/hMXf5WYKuM7IrbQVR1V6SSiZbgOIoNC6PaxoZTyhoMplwwGbFpDIkPamUBiXXFEHgDv/pUfRs6ZcqQtflBFB0xtBkUp7dZ4giAj44jjkHBmLezRtPO8UKbSyTP7135WAdtjkVBNIc7h
	esp=3des
	authby=secret
	keyexchange=ike
	pfs=no
	auto=start
As you can see, I tried using RSA and also PSK key.
If I'm commenting the leftsubnet and rightsubnet everything works fine. But I'm not able to connect the subnets.
Any help?
Respectfully,
Rudolf Barkoczi