[Openswan Users] IPSEC Tunnel To NETASQ

Luc MAIGNAN luc.maignan at winxpert.com
Mon Dec 20 05:40:10 EST 2010


I'm so sorry but there are things I can't understand...

My conf is :

conn ses
     type=tunnel
     connaddrfamily=ipv4
     authby=secret
     salifetime=3600s
     ike=aes-sha1
     phase2alg=aes-sha1
     left=7x.xxx.xxx.xx
     right=8x.xxx.xx.xx
     leftsubnet=192.168.50.0/24
     rightsubnet=172.16.2.0/24

If I don't put the public IP address of the NAT router in the 'right' 
field, how can it join it to make the tunnel ? Or shall I put the public 
IP address in another Place ?

Luc


Le 20/12/10 11:34, Paul Wouters a écrit :
> On Mon, 20 Dec 2010, Luc MAIGNAN wrote:
>
>> Yes, I had the two packages on my server. So I have removed ipsec-tools
>> to leave only openswan.
>>
>> Now when I try to do an : ipsec auto --up ses
>>
>> I have the error :
>>
>> 022 "ses": We cannot identify ourselves with either end of this 
>> connection
>
> Specify the correct REAL ip address, not the public address of the NAT 
> router.
>
>> SAref support [disabled]: Protocol not available
>> SAbind support [disabled]: Protocol not available
>>
>> Is it normal or have I still a configuration problem ?
>
> This is harmless. It just means you do not have a kernel that supports 
> those
> optional features.
>
> Paul



More information about the Users mailing list