[Openswan Users] but no connection has been authorized with policy=PSK
Paul Wouters
paul at xelerance.com
Mon Apr 11 15:35:35 EDT 2011
On Mon, 11 Apr 2011, Thomas Schweikle wrote:
>> ipsec auto --status ?
> 000 using kernel interface: netkey
> 000 interface lo/lo ::1
> 000 interface lo/lo 127.0.0.1
> 000 interface lo/lo 127.0.0.1
> 000 interface eth0/eth0 222.66.77.27
> 000 interface eth0/eth0 222.66.77.27
> 000 interface eth1/eth1 192.168.180.27
> 000 interface eth1/eth1 192.168.180.27
> 000 interface eth2/eth2 172.19.0.27
> 000 interface eth2/eth2 172.19.0.27
> 000 interface tap0/tap0 10.8.0.1
> 000 interface tap0/tap0 10.8.0.1
> 000 %myid = (none)
> 000 debug none
> I have in ipsec.conf:
> config setup
> plutostderrlog= "/var/log/pluto.err"
> plutodebug= "none"
> nat_traversal= yes
> virtual_private= %v4:10.0.0.0/8,\
> %v4:192.168.0.0/16,\
> %v4:172.16.0.0/12,%v4
> oe= off
> protostack= netkey
> interfaces= %none
Remove the interfaces= %none
> I am not aware of a way to exclude my used private address-space
> from virtual_private!
Add: %v4:!192.168.180.0/24,%v4:!10.8.0.0/16 to virtual_private
Paul
More information about the Users
mailing list