[Openswan Users] openswan + Win7 + pre-shared key

Den brusok at gmail.com
Wed Feb 8 07:23:54 EST 2012


Hello!

I can't setup VPN
   Windows 7 client  192.168.1.38 <--> Linux sever  Openswan  192.168.1.15

I think that VPN is  established.
But I can't access Linux server from Windows 7 client.
I setup VPN on Win7  in "ip security policies on local computer"
Windows's firewall is turned off.

Can somebody help me?
Thank you


>ipsec --version
Linux Openswan U2.6.37/K(no kernel code presently loaded)

/var/log/secure:
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #1: STATE_MAIN_R3: sent MR3,
ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192
prf=oakley_sha group=modp1024}
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #1: Dead Peer Detection (RFC
3706): not enabled because peer did not advertise it
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #1: the peer proposed:
192.168.1.15/32:0/0 -> 192.168.1.38/32:0/0
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #1: NAT-Traversal: received 2
NAT-OA. using first, ignoring others
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: responding to Quick Mode
proposal {msgid:01000000}
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: us:
192.168.1.15<192.168.1.15>[+S=C]
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: them:
192.168.1.38<192.168.1.38>[+S=C]
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: transition from state
STATE_QUICK_R0 to state STATE_QUICK_R1
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: STATE_QUICK_R1: sent QR1,
inbound IPsec SA installed, expecting QI2
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: Dead Peer Detection (RFC
3706): not enabled because peer did not advertise it
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: transition from state
STATE_QUICK_R1 to state STATE_QUICK_R2
Feb 8 14:04:40 linux pluto[836]: "lnx-win" #2: STATE_QUICK_R2: IPsec SA
established tunnel mode {ESP/NAT=>0x89c5ef96 <0x3d6e53aa
xfrm=3DES_0-HMAC_SHA1 NATOA=192.168.1.38 NATD=192.168.1.38:4500 DPD=none}

/etc/ipsec.conf:

version 2.0 # conforms to second version of ipsec.conf specification

# basic configuration
config setup
interfaces="ipsec0=eth0"
protostack=klips
nat_traversal=yes
virtual_private=
oe=off
nhelpers=0

conn lnx-win
type=tunnel
auto=add
pfs=yes
right=192.168.1.38
left=192.168.1.15
auth=esp
authby=secret
forceencaps=yes
esp=3des-sha1-96
rekey=no
dpdaction=clear
dpddelay=30
dpdtimeout=30
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20120208/fae986d1/attachment.html>


More information about the Users mailing list