[Openswan Users] repomd error
Donald.Goffe at GTECH.COM
Tue Sep 13 11:45:50 EDT 2011
Does anyone have any documentation on how to fix a "Cannot open/read repomd.xml file for repository openswan" error when running the software update tool. I'm running 18.104.22.168 fedora on a x86_64.
From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On Behalf Of Paul Wouters
Sent: Tuesday, September 13, 2011 9:47 AM
To: heta shah
Cc: users at openswan.org
Subject: Re: [Openswan Users] Problem in IPSEC L2TP connectivity
On Tue, 13 Sep 2011, heta shah wrote:
> Thanks for reply,
> But when I am adding leftsourceip=192.168.5.X where X is my ip of
> other interface in server. At that time client can not establish VPN
> connection with server. At server side this error is coming on
> /var/log/auth.log file
> And I cannot add leftsubnet tag . When I am adding leftsubnet client cannot able to establish connection .
> Is any IPSEC version problem or some configuration problem.
> ipsec --version
> Linux Openswan U2.6.35/K22.214.171.124-enjay (netkey)
> xl2tpd --version
> xl2tpd version: xl2tpd-1.2.8
I did not realise you were using L2TP, sorry. You do not use a leftsourceip= for l2tp.
One way communication within l2tp is usually caused by
1) the L2TP server hands out a range that is not NATed and goes out to the internet, but
replies cannot be received
2) the L2TP server is not the default gateway, and is not NATing, so replies never get back
3) router or firewall is blocking the l2tp assigned range of addresses
Also check with "ipsec verify" if you see any issues.
> On Mon, Sep 12, 2011 at 9:24 PM, Paul Wouters <paul at xelerance.com> wrote:
> On Mon, 12 Sep 2011, heta shah wrote:
> Please help me I am doing some error or not . I am facing this one way communication. Is any route add at server side is required
> or not ?? My internal network is 192.168.5.0/24 and I want to apply remote network VPN client from this network . In this setup I
> can communicate from client to server but I cannot communicate from server to client But still VPN connection is showing up.
> You should never attempt or need to add routes manually.
> You might want to add on the server a leftsourceip=192.168.5.X (X is
> whatever IP your server has in that range)
> Thanks and Regards.
Users at openswan.org
Building and Integrating Virtual Private Networks with Openswan:
CONFIDENTIALITY NOTICE: The contents of this email are confidential
and for the exclusive use of the intended recipient. If you receive this
email in error, please delete it from your system immediately and
notify us either by email, telephone or fax. You should not copy,
forward, or otherwise disclose the content of the email.
More information about the Users