[Openswan Users] Can not use nc between two Linux host

Yiyun Meng manfonly at gmail.com
Tue Feb 26 05:58:57 EST 2013


Hi,

I established a host-to-host IPsec connection between two Linux hosts.

Scenario:
10.140.28.50 -- 10.140.28.29

Left ipsec.conf:
version	2.0 
config setup
	nat_traversal=yes
	virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
	oe=off
	protostack=netkey

conn pureIPSec
	authby=secret
	pfs=no
	auto=add
	keyingtries=3
	rekey=no
	ikelifetime=8h
	keylife=1h
	type=transport
	left=%defaultroute
	right=%any


Right ipsec.conf:

version 2.0 

config setup
        plutodebug=none
        strictcrlpolicy=no
        nat_traversal=yes
        interfaces=%defaultroute
        oe=off
        protostack=netkey

conn pureIPsec
	authby=secret
	pfs=no
	rekey=yes 
	type=transport 
	left=%defaultroute
	right=10.140.28.50
	auto=add 

I can ping from each side, and data is encrypted with ESP. But when I use:
Right side:
nc -l -p 8888 > tmp.tar.gz
Left side:
cat tmp.tar.gz | nc 10.140.28.29 8888

There is no data transferred between the two hosts...
(I can transfer tmp.tar.gz without ipsec, and on the right side, nc is a
busybox implementation.
# ls -l /usr/bin/nc
lrwxrwxrwx    1 root     root            17 Apr 21  2011 /usr/bin/nc -> ../../bin/busybox
)

Am I missing some settings? Can someone help me?

Regards,

Yiyun



