[Openswan Users] IPSEC Tunnel To NETASQ
Willie Gillespie
wgillespie+openswan at es2eng.com
Mon Dec 20 19:32:14 EST 2010
Besides ESP, IPsec talks on udp/500 (and udp/4500 with NAT-T).
Perhaps iptables -L output would be handy... or perhaps the ports are
filtered on the NETASQ side.
On 12/20/2010 08:12 AM, Luc MAIGNAN wrote:
> If the problem is the firewall, why the phase 1 is ok ?
> I mean that because of phase 1 is OK, the firewall is out of cause.
> AM I right ?
>
> Le 20/12/10 12:35, Paul Wouters a écrit :
>> On Mon, 20 Dec 2010, Luc MAIGNAN wrote:
>>
>>> ipsec auto --up ses
>>> 104 "ses" #4: STATE_MAIN_I1: initiate
>>> 010 "ses" #4: STATE_MAIN_I1: retransmission; will wait 20s for response
>>> 010 "ses" #4: STATE_MAIN_I1: retransmission; will wait 40s for response
>>> 010 "ses" #4: STATE_MAIN_I1: retransmission; will wait 40s for response
>>
>> There is a firewall active somewhere.
>>
>> Paul
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6026 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.openswan.org/pipermail/users/attachments/20101220/35a73a50/attachment.bin
More information about the Users
mailing list