[Openswan Users] Single interface / tunnel will not come up.
Binand Sethumadhavan
binand at gmx.net
Fri Jan 31 07:51:30 EST 2014
On 31 January 2014 16:57, Bruce Markey <bruce at secryption.com> wrote:
> 192.168.300/24-------1.1.1.1-- INTERNET -- 2.2.2.2
This on Cisco:
> access-list 152 permit icmp any any
translates to this:
> Jan 31 11:13:51 196-55-235-37 pluto[5376]: "IOF" #27: the peer proposed:
> 0.0.0.0/0:0/0 -> 0.0.0.0/0:0/0
Which doesn't match the config on Openswan. From what you say, I think
your ACL 152 ought to be something like:
access-list 152 permit icmp 192.168.30.0/24 2.2.2.2/32
(I don't recall the exact syntax for specifying subnet masks in Cisco
ACL at the moment).
Binand
More information about the Users
mailing list