[Openswan Users] really basic peer-to-peer setup
Simon Deziel
simon at xelerance.com
Sat May 4 16:49:51 UTC 2013
On 13-05-04 12:22 PM, Alan McKay wrote:
> On Sat, May 4, 2013 at 11:50 AM, Simon Deziel <simon at xelerance.com> wrote:
>> You can check the installed policy with "ip xfrm policy"
>
> Sure thing, but it should be defaults. On Solexa1 I have Ubuntu
> server 12.04, and 13.04 on firewall03. Firewall03 also has shorewall
> installed and configured but turned off throughout all of this. not
> sure whether that would have changed defaults.
>
> root at solexa1:~# ip xfrm policy
> src 192.168.160.0/24 dst 172.30.0.0/24
> dir out priority 2344
> tmpl src 10.246.159.41 dst 10.242.182.88
> proto esp reqid 16385 mode tunnel
> src 172.30.0.0/24 dst 192.168.160.0/24
> dir fwd priority 2344
> tmpl src 10.242.182.88 dst 10.246.159.41
> proto esp reqid 16385 mode tunnel
> src 172.30.0.0/24 dst 192.168.160.0/24
> dir in priority 2344
> tmpl src 10.242.182.88 dst 10.246.159.41
> proto esp reqid 16385 mode tunnel
Now does this work:
ping 172.30.0.1 -I 192.168.160.11
> root at firewall03:~# ip xfrm policy
> src 172.30.0.0/24 dst 192.168.160.0/24
> dir out priority 2344
> tmpl src 10.242.182.88 dst 10.246.159.41
> proto esp reqid 16385 mode tunnel
> src 192.168.160.0/24 dst 172.30.0.0/24
> dir fwd priority 2344
> tmpl src 10.246.159.41 dst 10.242.182.88
> proto esp reqid 16385 mode tunnel
> src 192.168.160.0/24 dst 172.30.0.0/24
> dir in priority 2344
> tmpl src 10.246.159.41 dst 10.242.182.88
> proto esp reqid 16385 mode tunnel
And:
ping 192.168.160.11 -I 172.30.0.1
More information about the Users
mailing list