[Openswan Users] Single interface / tunnel will not come up.
bruce at secryption.com
Sat Feb 1 09:48:02 EST 2014
Tunnels are up now.
Having an issue now passing traffic. On my Cisco side this is my crypto
access-list 160 permit ip 192.168.30.0 0.0.0.255 192.168.10.0 0.0.0.255
access-list 160 permit tcp 192.168.30.0 0.0.0.255 any eq www
access-list 160 permit tcp 192.168.30.0 0.0.0.255 any eq 443
That is to say, that's what I'm passing over. Basically subnet to subnet
stuff. But also this is being used for all web traffic. That is not
passing. We've narrowed it down to the Openswan side I think.
I assume I have to add something to ipsec.conf for the other two ACL
lines but I have no idea what.
# # Left security gateway, subnet behind it, nexthop
# Right security gateway, subnet behind it, nexthop
# To authorize this connection, but not actually start
# at startup, uncomment this.
Public key: https://www.secryption.com/BruceMarkey.asc
I believe that any violation of privacy is nothing good.