[Openswan Users] VPN working only one direction
Kevin Kizer
kkizer at lgdpc.com
Fri May 15 16:19:11 EDT 2009
Hello all,
I am new to the world of Openswan, so please bear with me.
I have semi-successfully set up a network-to-network IPsec VPN; the
connection is up and the remote site can access the LAN at the main
office. The problem is the main office cannot connect to the remote
site's LAN.
Here is my ipsec.conf
[root@mail etc]# cat ipsec.conf
# The config file changed quite a bit from 1.x.
# See http://www.freeswan.org/freeswan_trees/freeswan-2.00/doc/upgrading.html
version 2.0

config setup
    interfaces=%defaultroute
    klipsdebug=none
    plutodebug=none
    uniqueids=yes
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!10.1.3.0/255.255.255.0,%v4:!/,%v4:!10.1.1.0/255.255.255.0,%v4:!192.168.0.104/32,%v4:!172.31.0.0/24,%v4:!192.168.0.108/32,%v4:!192.168.0.110/32,%v4:!192.168.0.113/32,%v4:!172.31.0.0/24,%v4:!10.1.2.0/24,%v4:!10.1.2.0/24,%v4:!192.168.0.106/32,%v4:!192.168.0.109/32,%v4:!172.31.0.0/24,%v4:!192.168.0.121/32,%v4:!192.168.0.101/32,%v4:!192.168.101.0/24,%v4:!192.168.102.0/24,%v4:!192.168.100.0/24

# Default policy
#---------------
conn %default
    authby=secret
    auto=start

conn Waterboard
    left=71.207.246.143
    leftnexthop=%defaultroute
    leftsubnet=192.168.101.0/24
    right=216.180.47.81
    rightsubnet=192.168.100.0/255.255.255.0
    rightnexthop=%defaultroute
    pfs=no
    dpddelay=30
    dpdtimeout=120
    dpdaction=hold
    authby=secret
    auto=start

# Disable OE
#-----------
conn block
    auto=ignore

conn private
    auto=ignore

conn private-or-clear
    auto=ignore

conn clear-or-private
    auto=ignore

conn clear
    auto=ignore

conn packetdefault
    auto=ignore

# Tunnels defined in separate files
#----------------------------------
The left is the main office and the right is the remote office.
Here is my routing table
Kernel IP routing table
Destination     Gateway         Genmask          Flags Metric Ref Use Iface
216.180.47.80   *               255.255.255.252  U     0      0   0   eth0
192.168.100.0   *               255.255.255.0    U     0      0   0   eth1
192.168.101.0   216.180.47.82   255.255.255.0    UG    0      0   0   eth0
default         216.180.47.82   0.0.0.0          UG    0      0   0   eth0
I think my issue is that there is no route for the tunnel.
Please help this newbie.......
Kevin J. Kizer
Network Support Supervisor
Local Government Corporation
714 Armstrong LN
Columbia, TN 38401
931-381-1155
1-800-737-1826
networksupport at localgovcorp.com
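
The following is an added example, not part of the original post: a small Python check that cross-references the posted routing table with the subnets of "conn Waterboard", reporting which side of the conn the table was captured on and which kernel route covers the peer subnet. The function names and the embedded copies of the posted data are this example's own.

```python
import ipaddress

# Routing table as posted in the message (wrapped lines rejoined).
ROUTES = """\
216.180.47.80 * 255.255.255.252 U 0 0 0 eth0
192.168.100.0 * 255.255.255.0 U 0 0 0 eth1
192.168.101.0 216.180.47.82 255.255.255.0 UG 0 0 0 eth0
default 216.180.47.82 0.0.0.0 UG 0 0 0 eth0
"""
# leftsubnet / rightsubnet from "conn Waterboard" in the posted ipsec.conf.
CONN = {"left": "192.168.101.0/24", "right": "192.168.100.0/255.255.255.0"}


def parse_routes(text):
    """Parse `route`-style rows into (network, gateway, iface) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8:
            continue  # skip headers and blank lines
        dest = "0.0.0.0" if f[0] == "default" else f[0]
        net = ipaddress.ip_network(f"{dest}/{f[2]}")
        gateway = None if f[1] in ("*", "0.0.0.0") else f[1]
        routes.append((net, gateway, f[7]))
    return routes


def check(routes, conn):
    """Return (local side, longest-prefix route covering the peer subnet)."""
    subnets = {side: ipaddress.ip_network(s) for side, s in conn.items()}
    # The local side is the one whose subnet is directly connected (no gateway).
    local = next((side for side, net in subnets.items()
                  if any(n == net and gw is None for n, gw, _ in routes)), None)
    if local is None:
        return None, None
    peer = subnets["left" if local == "right" else "right"]
    covering = [r for r in routes if peer.subnet_of(r[0])]
    best = max(covering, key=lambda r: r[0].prefixlen, default=None)
    return local, best


if __name__ == "__main__":
    side, route = check(parse_routes(ROUTES), CONN)
    print("table captured on side:", side)
    print("route covering peer subnet:", route)
```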