[Openswan Users] Tunnel up but cannot ping the other side.
Jesper Langkjær
jl at MINISOFT.DK
Thu Sep 18 01:52:44 EDT 2008
Hi.
I have problem with pinging the other side of a tunnel.
My page:
Fedora 4
Core 2.6.16.24
openswan-2.4.4-1.0.FC4.1
The other side:
Hardware box, unknown
IPSEC.CONF
config setup
# Debug-logging controls: "none" for (almost) none, "all" for lots.
# klipsdebug=none
# klipsdebug=all
# plutodebug="control parsing"
# nat_traversal=yes
nat_traversal=no
interfaces="ipsec0=eth0"
conn %default
authby=rsasig
leftrsasigkey=
rightrsasigkey =
left=%defaultroute
keyingtries=1
#keylife=1200s
#ikelifetime=1200s
#conn server_VPN
# left=83.xx.xxx.xx
# leftid=83.xx.xxx.xx
# right=194.yyy.yyy.yy
# rightsubnet=192.168.37.34/32
# keyexchange=ike
# keylife=2h
# authby=secret
# auto=start
conn server_VPN
left=83.xx.xxx.xx
leftid=83.xx.xxx.xx
leftsubnet=10.27.1.0/24
right=217.yyy.yy.yy
rightsubnet=192.168.37.34/32
pfs=no
ike=3des-sha1
esp=3des-sha1
keyexchange=ike
keylife=2h
authby=secret
auto=start
auth=esp
The first CONN ar an old one that has been working, but now they installed som new hardware/moved server and now it dosent work anymore.
When i run "service ipsec start" everything looks ok and the tunnel comes up.
The other side (217.yyy.yyy.yyy) can ping my side (83.xxx.xxx.xxx) but i can't ping them.
Any advise ??
Kind regards
Jesper Langkjaer
*************************************************************************
Denne e-mail er scannet for virus og spam
*************************************************************************
More information about the Users
mailing list