[Openswan Users] IPsec configuration
Ted Victorio
tvan5bee at yahoo.com
Wed Nov 26 22:26:59 EST 2014
Bingo, add rightid=192.168.1.150 to both sides and it works like a champ.Thanks a bunch!
On Tuesday, November 25, 2014 10:35 PM, Nick Howitt <nick at howitts.co.uk> wrote:
You will probably have to set leftid or rightid to @your_public_ip for your PC B.
Nick
On 26/11/2014 00:28, Ted Victorio wrote:
Hi Neal,
No joy with 'forceencaps=yes' to either side or both.
I removed DMZ setup for PC B and set router to forward UDP 500 and 4500 for IPsec & NAT-T.
Same ipsec.conf & ipsec.secrets. Again, the link initiates from 90.0.0.9-to--192.168.1.150 fine, but won't initiate in reverse.
Thanks,
Neal Murphy wrote:
> As a guess, add 'forceencaps=yes' to B's config; that should force it to start
> with NAT traversal.
On Monday, November 24, 2014 01:35:35 AM Ted Victorio wrote:
> Hello gurus,
>
> My IPsec link (90.0.0.9--192.168.1.150) works fine if PC A initiates "ipsec
> auto --up A_to_B" However, if PC B initiates "ipsec auto --up B_to_A", the
> handshake fails since the router converts main mode 1 from 192.168.1.150
> as if IPsec initiated from 90.0.0.3. Appreciate any suggestion to solve this.
>Thank you,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20141127/c724f0d9/attachment-0001.html>
More information about the Users
mailing list