[Openswan Users] IPSec Host to Host over Internet Tunnel Configuration
Mozillaner
mozillaner at gmail.com
Sat Oct 3 07:29:04 EDT 2009
Dear Openswan Users,
I have been trying for some time to establish an Openswan tunnel
connection between two hosts over the Internet, but unfortunately so
far without success.
This is a test setup for a university project and the configuration is
as follows:
# Host_1 # ------ ##### PC with two NICs ##### ------ INTERNET ------ # Host_2 #
192.168.1.3       192.168.1.2   130.83.239.102                      130.83.239.101
The router function on the PC is activated. The secure tunnel
connection must be established between Host_1 in a private network
and Host_2 on the Internet.
The ipsec.conf files are as follows:
#Host_1 ipsec.conf
conn Host_1_to_Host_2
    left=192.168.1.3
    leftnexthop=192.168.1.2
    right=130.83.239.101
    presharedkey=secret
    network=lan
    auto=start
    authmode=SHA1
    pfs=yes
    type=tunnel

#Host_2 ipsec.conf
conn Host_2_to_Host_1
    left=130.83.239.101
    right=192.168.1.3
    rightnexthop=130.83.239.102
    presharedkey=secret
    network=lan
    auto=start
    authmode=SHA1
    pfs=yes
    type=tunnel
If I try to ping Host_2 from Host_1, I always get the message
"IP security is being negotiated". The ping from Host_2 to Host_1
fails with "Request timed out.".
Are the config files correct?
What is wrong in my configuration above?
Thanks,
Vladimir