[Openswan Users] problem with net-to-net configuration
Gary Long
long at magillem.com
Mon Dec 6 04:48:50 EST 2010
Hi again :)
Sorry for the late answer. I wasn't able to work on this until today =(
I tried the ip addr command on both computer and they both have only
their local ip addresses on eth0.
machine 1 :
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP qlen 100
link/ether 00:0d:56:8a:73:6d brd ff:ff:ff:ff:ff:ff
inet 192.168.1.200/24 brd 192.168.1.255 scope global eth0
inet6 fe80::20d:56ff:fe8a:736d/64 scope link
valid_lft forever preferred_lft forever
machine 2:
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000
link/ether 00:13:54:5d:45:8d brd ff:ff:ff:ff:ff:ff
inet 192.168.1.200/24 brd 192.168.1.255 scope global eth0
inet6 fe80::194:64ff:fe5d:9970/64 scope link
valid_lft forever preferred_lft forever
217.128.31.99 is the IP of the left side adsl box and the vpn server is
connected on it, in a DZM. It is the same configuration type on the
right side :o
Le 30/11/2010 19:45, Willie Gillespie a écrit :
> I believe that left (or right) needs to be set to an IP address of the
> computer.
>
> If you run "ip addr" on left, is 217.128.31.99 listed?
>
> Gary Long wrote:
>> Both machine are behind an ISP box. Sorry if it does not answer your
>> question but i'm not expert in IT :/ I'm not sure about what you're
>> asking me.
>> In my ipsec.conf file, the nat_traversal option is set to yes.
>>
>> Thank you :)
>>
>> Le 30/11/2010 19:31, Willie Gillespie a écrit :
>>> Gary Long wrote:
>>>> 022 "net-to-net": We cannot identify ourselves with either end of
>>>> this connection.
>>>
>>> Just checking: left or right is set to an IP address on this
>>> machine, right? Or are you behind a NAT of some sort?
>>
More information about the Users
mailing list