[Openswan Users] Openswan VPN Your Help Needed

Imran Shakir shaker.emran at gmail.com
Thu Mar 29 12:18:43 EDT 2012


> Hi
>
> I've installed Openswan on Ubuntu 10.04.
>
> I've one network interface: eth0 = 10.202.x.x.
>
> I've created another Virtual Network Interface: eth0:0 = 192.168.y.y.
>
> I've Elastic IP: 50.17.z.z.
>
> I've done natting with the following commands:
>
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>
> Then used more commands like this:
>
> iptables --flush
> iptables -t nat --flush
> iptables --delete-chain
> iptables -t nat --delete-chain
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> iptables -A FORWARD -i eth0:0 -j ACCEPT
>
> I've configured my connection as under:
>
> conn TEST
>
>     type=tunnel
>     authby=secret
>     ike=3des-md5-modp1024
>     ikelifetime=86400s
>
>     phase2=esp
>     phase2alg=3des-md5;modp1024
>     lifetime=28800s
>     forceencaps=yes
>     pfs=no
>
>     left=10.202.x.x
>     leftid=50.17.z.z
>     leftnexthop=%defaultroute
>     leftsubnet=192.168.y.y/32
>
>     right=202.125.a.a
>     rightid=202.125.a.a
>     rightsubnet=172.16.b.b/32
>     rightnexthop=%defaultroute
>     dpdaction=restart
>     dpddelay=30
>     dpdtimeout=45
>
>     auto=add
>
> Now when I try to start a tunnel with the command ipsec auto --up TEST,
> the tunnel comes up successfully, but when I ping 172.16.b.b I don't get
> any reply.
>
> All ports are opened for all IP addresses, and the firewall allows all.
> Still no success.
>
> My routing table is as under:
>
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.222.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 10.202.70.0     0.0.0.0         255.255.254.0   U     0      0        0 eth0
> 0.0.0.0         10.202.70.1     0.0.0.0         UG    100    0        0 eth0
> 0.0.0.0         10.202.70.1     0.0.0.0         UG    100    0        0 eth0
>
> iptables -L shows:
>
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Kindly guide me on what I am missing; the tunnel is being established
> successfully, but I cannot ping the other side, and they cannot ping me.
>
> Am I missing any route? Kindly do let me know what route to add, if
> I missed any.
>
> Thank you very much. Waiting for any answer. Thank you guys.
>
> Regards
>
> Imran