[Openswan Users] Roadwarrior setup to Draytek Vigor

Thorsten Meinl Thorsten.Meinl at uni-konstanz.de
Thu Feb 28 12:55:20 EST 2013


> Am 27.02.2013 17:28, schrieb Thorsten Meinl:
>> Why? I also tried with type=transport if this is what you are aiming at,
>> but the results were the same (no success). Only the "ip xfrm policy"
>> output looks a bit different.
> 
> I would try type=tunnel, left and right fixed IP addresses, leftsubnet 
> same like left with /32.
> Don't use XXXprotoport, only for RW setup.
> If it  don't work try with PSK first, it's much easier, if that works go 
> to rsasig.
Type=tunnel and specifying a fixed IP for both side does *not* work. I
cannot even get a connection. If I use left=%defaultroute I get at least
a connection. The setting of leftsubnet does not change anything either.
Also the XXXprotoport-settings don't affect anything.
I don't think that it has to do anything with PSK via RSA since I am
sucessfully authenticated with the router ("500 STATE_MAIN_I4 (ISAKMP SA
established)") and ip-xfrm rules are set up. But obviously not correct.
I can't be that hard to use IPSEC, can it? No error messages and it
still doesn't work.

Thorsten


-- 
Dr.-Ing. Thorsten Meinl               room: Z813
Nycomed Chair for Bioinformatics      fax: +49 (0)7531 88-5132
and Information Mining                phone: +49 (0)7531 88-5016
Box 712, 78457 Konstanz, Germany

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openswan.org/pipermail/users/attachments/20130228/9190ccb7/attachment.sig>


More information about the Users mailing list