[Openswan Users] Trying to set up Openswan for the SonicWALL Network Security Appliance (NSA) 2400
Neal Murphy
neal.p.murphy at alum.wpi.edu
Tue Aug 16 17:16:27 EDT 2011
On Tuesday 16 August 2011 15:06:03 László Monda wrote:
> Dear List,
>
> The company I work for uses the SonicWALL Crapwork... I mean Network
> Security Appliance (NSA) 2400 model, Product Code: 5805, Firmware
> Version: SonicOS Enhanced 5.8.0.1-31o, URL is
> http://www.sonicwall.com/us/products/NSA_2400.html
If you have access to the sonicwall, go through its configs again and pay
close attention to LANs and local & remote addresses. I think you overlooked a
couple parameters that aren't obvious (at least until you *see* them and cry,
"Doh!")
I helped a guy in Ohio set up a VPN between a smoothwall and a sonicwall. It
took some time to ferret out the right sonicwall settings, but once I got them
set right, the VPN comes right up. Smoothwall uses a fairly simple ipsec.conf,
but it only does site-to-site VPNs:
----------------
version 2
config setup
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
plutowait=no
uniqueids=yes
protostack=klips
nat_traversal=yes
conn clear
auto=ignore
conn clear-or-private
auto=ignore
conn private-or-clear
auto=ignore
conn private
auto=ignore
conn block
auto=ignore
conn packetdefault
auto=ignore
conn npmtesting
ike=3des-md5
esp=3des-md5
authby=secret
keyingtries=0
left=203.0.113.10
leftsubnet=10.20.30.0/24
leftnexthop=%defaultroute
right=198.51.100.137
rightsubnet=192.168.1.0/24
rightnexthop=%defaultroute
compress=no
auto=start
----------------
If needed, I can connect and figure out everything that needed to be set on
the sonicwall.
More information about the Users
mailing list