[Openswan Users] Openswan on EC2 VPC

Muhammad El-Sergani msergani at gmail.com
Thu Sep 6 05:05:39 EDT 2012

Hello Khalid,

Might be a dumb question, but diagnosing connection problems need to
include the simplest reasons.
What are your firewall rules on both ends? Have you enabled packet
forwarding on the receiving ends?

Sent from my iPhone

On Sep 6, 2012, at 11:03 AM, Khaled Abul Khair <kkhair at gmail.com> wrote:

> Hi All;
> I am working on establishing a VPN tunnel between our VPC on Amazon and a client network , the client uses public IP addresses behind their firewall and requested that our servers in the VPC to use public IPs also.
> The purpose of the connection is that our application server and their application server to be able to communicate.
> Here s what the topology looks like:
> 107.x.x.x <--> 107.y.y.y <--> AWS InternetGateway <--> Internet <--> 213.a.a.a <-->213.b.b.b
> where:
> 107.x.x.x: Our Application server (internal ip, EC2 with elastic IP
> 107.y.y.y: Our Openswan server (internal ip, EC2 with elastic IP
> 213.a.a.a: The costumer VPN endpoint ip
> 213.b.b.b: The customer Application Server
> We managed to bring the tunnel up, but whenever we try to ping 213.b.b.b we get Destination Host Unreachable
> here is the ipsec.conf:
> left=
> leftsubnet=107.x.x.x/32
> leftid=107.y.y.y
> leftsourceip=107.y.y.y
> right=213.a.a.a
> rightid=
> rightsubnet=213.b.b.b/32
> authby=secret
> keyingtries=3
> rekey=no
> keyexchange=ike
> ikelifetime=86400s
> phase2alg=3DES-MD5;modp1024
> forceencaps=yes
> pfs=no
> Thanks in Advance
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

More information about the Users mailing list