[Openswan Users] IPSEC Tunnel To NETASQ
Luc MAIGNAN
luc.maignan at winxpert.com
Mon Dec 20 05:40:10 EST 2010
I'm so sorry but there are things I can't understand...
My conf is :
conn ses
type=tunnel
connaddrfamily=ipv4
authby=secret
salifetime=3600s
ike=aes-sha1
phase2alg=aes-sha1
left=7x.xxx.xxx.xx
right=8x.xxx.xx.xx
leftsubnet=192.168.50.0/24
rightsubnet=172.16.2.0/24
If I don't put the public IP address of the NAT router in the 'right'
field, how can it join it to make the tunnel ? Or shall I put the public
IP address in another Place ?
Luc
Le 20/12/10 11:34, Paul Wouters a écrit :
> On Mon, 20 Dec 2010, Luc MAIGNAN wrote:
>
>> Yes, I had the two packages on my server. So I have removed ipsec-tools
>> to leave only openswan.
>>
>> Now when I try to do an : ipsec auto --up ses
>>
>> I have the error :
>>
>> 022 "ses": We cannot identify ourselves with either end of this
>> connection
>
> Specify the correct REAL ip address, not the public address of the NAT
> router.
>
>> SAref support [disabled]: Protocol not available
>> SAbind support [disabled]: Protocol not available
>>
>> Is it normal or have I still a configuration problem ?
>
> This is harmless. It just means you do not have a kernel that supports
> those
> optional features.
>
> Paul
More information about the Users
mailing list