[Openswan Users] Destination Private Network unreachable but Tunnel is UP
Imtiaz Rahi
imtiaz.rahi at gmail.com
Wed Jul 27 04:50:01 EDT 2011
Anyone please respond and help me.
cheers // Imtiaz Rahi
On Mon, Jul 25, 2011 at 7:19 PM, Imtiaz Rahi <imtiaz.rahi at gmail.com> wrote:
> Hi People,
>
> I am a first timer with IPsec VPN and Openswan.
> I am setting up an IPsec VPN from a Linux box to Cisco router.
> Linux: Ubuntu 10.04 LTS Openswan U2.6.23/K2.6.32-30-server (netkey)
> Cisco: Cisco 2821
>
> Here is the IPsec network diagram
> 172.19.253.0/29 === 210.4.xx.xxx --- 210.4.xx.xxx ... 203.112.xxx.xx
> --- 203.112.xxx.xx === 10.1.4.0/24;
> Linux VPN box
> Cisco router
>
>
> "ipsec status" says my tunnel is up and some eroutes exist. But I can
> not reach the destination network.
> I am trying to ping 10.1.4.8 like below and unsuccessful;
>
> ping 10.1.4.8 -I 172.19.253.1
> PING 10.1.4.8 (10.1.4.8) from 172.19.253.1 : 56(84) bytes of data.
>
> ^C
> --- 10.1.4.8 ping statistics ---
> 14 packets transmitted, 0 received, 100% packet loss, time 13007ms
>
> Please help me here.
>
> Cheers // Imtiaz Rahi
>
>
> P.S. Here is the ipsec.conf for reference
>
> ==================================================
> version 2.0
>
> config setup
> nat_traversal=yes
> virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
> oe=off
> protostack=netkey
> interfaces=%defaultroute
>
> conn teletalk-vpn
> type=tunnel
> authby=secret
> left=210.4.xx.xxx
> leftnexthop=210.4.xx.xxx
> leftsubnet=172.19.253.1/29
> leftupdown=/usr/lib/ipsec/_updown
> right=203.112.xxx.xx # Cisco 2821
> rightnexthop=203.112.xxx.xx
> rightsubnet=10.1.4.0/24
> keyexchange=ike
> keylife=1h
> ike=3des-md5-modp1024
> phase2alg=3des-md5
> pfs=no
> auto=start
More information about the Users
mailing list