[Openswan Users] Help Please re Bordermanager interop

Max Dale Max.Dale at quantus.co.uk
Sun Sep 21 12:55:44 EDT 2008


I have an Openswan server trying to connect to a Novell BorderManager server. The latter is current V3.9.1. The Openswan server has NAT enabled between an internal 192.168.3.0 net and external 192.168.101.0 net; this is then attached to a Cisco router with NAT (internal 192.168.101.1, external 213.246.191.115). I have IPSec enabled in the firewall (UDP 500, UDP 4500, TCP\UDP 353 and ESP - all these are NATted on all the Cisco boxes as well).
 
At the other end there is a Cisco router with NAT 192.168.100.1 (external 213.246.173.52) pointing to a BorderManager server 192.168.100.254 and internal 192.168.2.0 (no NAT).
 
Several strange things happen. If the tunnel is initialised by Openswan, it connects, and the BM server can see a protected network (I think 192.168.101.1). If the connection is initiated by BM, the connection fails; the Openswan server seems to reject the connection. The BM server never gets past SHA-1 status, which is incorrect because it is all MD5. The VPN dies eventually because the BM server tries to restart it if the line glitches.
 
The VPN never completes as far as BM goes; it shows as pending. Can't ping from one to the other. Have tried adding a second connection but must have done that wrong because it blows everything away.
 
barf is attached.
 
This is my first attempt at any of this so if it is rubbish I apologise.
 
Max

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ipsecbarf.txt
Url: http://lists.openswan.org/pipermail/users/attachments/20080921/0a6f2fc3/attachment-0001.txt 

