[Openswan Users] OT IPSec -- L2TPD/Xauth

Erich Titl erich.titl at think.ch
Tue Oct 16 09:08:01 EDT 2012


Hi all

at 16.10.2012 13:45, Willie Gillespie wrote:
> On 10/16/2012 05:40 AM, Erich Titl wrote:
>> Thanks, do you know a URL where this patch is located (not the htpm
>> link :-(
> 
> http://people.redhat.com/pwouters/osw/openswan-2.6.38-android-ics-natoa.patch

Thanks a lot, applied it and now I am at the next hurdle

Phase 2 IPSec is established correctly as can be seen at

Oct 16 12:59:42 sentinel pluto[26463]: "mega-rw"[1] 195.141.2.242 #4:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Oct 16 12:59:42 sentinel pluto[26463]: "mega-rw"[1] 195.141.2.242 #4:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Oct 16 12:59:42 sentinel pluto[26463]: "mega-rw"[1] 195.141.2.242 #4:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Oct 16 12:59:42 sentinel pluto[26463]: "mega-rw"[1] 195.141.2.242 #4:
STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x02456c24
<0xd9005e09 xfrm=AES_256-HMAC_SHA1 N

sentinel# ipsec eroute
0          172.29.0.0/16      -> 192.168.1.119/32   =>
esp0x2456c24 at 195.141.2.242

Now the client proposed a certain net, which I don't really want, can
this be influenced somehow?

Oct 16 12:59:42 sentinel pluto[26463]: "mega-rw"[1] 195.141.2.242 #3:
the peer proposed: 195.141.2.244/32:0/0 -> 192.168.1.119/32:0/0

Thanks

Erich

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1877 bytes
Desc: S/MIME Kryptografische Unterschrift
URL: <http://lists.openswan.org/pipermail/users/attachments/20121016/2cb87a97/attachment-0001.p7s>


More information about the Users mailing list