[Openswan Users] IPSec Tunnel: Pass through connection not working
SaRaVanAn
saravanan.nagarajan87 at gmail.com
Mon Nov 21 09:54:36 EST 2011
Hi all,
I want to add the three SPD rules below.

   source       destination      protocol   action
1) 0.0.0.0/0    172.31.114.239   any        ipsec
2) 0.0.0.0/0    0.0.0.0/0        ah/esp     none
3) 0.0.0.0/0    0.0.0.0/0        any        discard

I tried adding these rules using Openswan. Only two rules are getting
added to the Security Policy Database; the pass-through rule is not
added (verified using the setkey tool).

Please find my ipsec.conf below:

config setup
    protostack=netkey
    nat_traversal=yes
    virtual_private=
    oe=off
    nhelpers=0
    interfaces=%defaultroute

conn west-east
    left=172.31.114.245
    right=172.31.114.239
    leftsubnet=0.0.0.0/0
    keyexchange=ike
    auto=add
    auth=esp
    authby=secret
    pfs=no
    keylife=120m
    rekey=yes
    ikelifetime=240m
    keyingtries=0

conn drop
    left=172.31.114.245
    right=172.31.114.239
    leftsubnet=0.0.0.0/0
    rightsubnet=0.0.0.0/0
    type=drop
    authby=never
    auto=route

conn passthrough
    left=172.31.114.245
    leftprotoport=ah
    right=172.31.114.239
    leftsubnet=0.0.0.0/0
    rightsubnet=0.0.0.0/0
    type=passthrough
    authby=never
    auto=route

Please correct me if my configuration is wrong. It would be great if you
could help me out with this.

Regards,
Saravanan N
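
Added example, not part of the original post: a small Python model of the three SPD rules listed above, assuming they are matched in the numbered order with the first match winning. It compares the intended policy with the reported state in which the pass-through rule is missing; the sample packets and the host 172.31.114.10 are constructed, and this models the rule table only, not how Openswan or the kernel installs policies.

```python
import ipaddress

ESP, AH = 50, 51  # IP protocol numbers behind "ah/esp" in rule 2

# The three rules from the post, in listed order:
# (source, destination, protocols or None for "any", action)
SPD = [
    ("0.0.0.0/0", "172.31.114.239/32", None, "ipsec"),
    ("0.0.0.0/0", "0.0.0.0/0", {AH, ESP}, "none"),
    ("0.0.0.0/0", "0.0.0.0/0", None, "discard"),
]

def lookup(src, dst, proto, spd=SPD):
    """Return the action of the first rule whose selector matches the packet."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for src_net, dst_net, protos, action in spd:
        if s not in ipaddress.ip_network(src_net):
            continue
        if d not in ipaddress.ip_network(dst_net):
            continue
        if protos is not None and proto not in protos:
            continue
        return action
    return "no-match"

# The state the post reports: rules 1 and 3 present, pass-through rule 2 absent.
WITHOUT_PASSTHROUGH = [SPD[0], SPD[2]]

# Constructed sample packets: (source, destination, IP protocol number)
PACKETS = [
    ("172.31.114.245", "172.31.114.239", 6),    # TCP to the peer
    ("172.31.114.245", "172.31.114.239", ESP),  # ESP to the peer
    ("172.31.114.245", "172.31.114.10", ESP),   # ESP to another host
    ("172.31.114.245", "172.31.114.10", AH),    # AH to another host
    ("172.31.114.245", "172.31.114.10", 17),    # UDP to another host
]

def compare(packets=PACKETS):
    """Return (packet, action with all three rules, action without rule 2)."""
    return [(p, lookup(*p), lookup(*p, spd=WITHOUT_PASSTHROUGH)) for p in packets]

if __name__ == "__main__":
    for packet, full, partial in compare():
        print(packet, "all three rules:", full, "| without rule 2:", partial)
```

In this model only AH and ESP traffic to hosts other than 172.31.114.239 changes outcome when rule 2 is absent: it falls through to the discard rule instead of being passed.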