[Openswan Users] IPsec tunnel not up with Openswan

Poorva Kuber poorvakuber at gmail.com
Tue Feb 14 15:49:12 EST 2017


Hi,
I am trying to setup a IPsec VPN tunnel using Openswan on CentOS 6.
However, I cannot get the tunnel up. I am using a pre-shared key to do
this. Here is my ipsec.conf file :

config setup
plutodebug=all
plutostderrlog=/var/log/pluto.log
protostack=netkey
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
## disable opportunistic encryption in Red Hat ##
oe=off


conn A-B
authby=secret
auto=start
ike=aes256-sha1;modp1024
keyexchange=ike
phase2alg=aes256-sha1;modp1024
ikelifetime=24h
keylife=1h
#compress=no
pfs=yes
type=tunnel
aggrmode=yes
left=<my-private-ip>
leftsubnet=<my-private-subnet>
leftnexthop=%defaultroute
right=<public-ip-of-remote-gateway>
rightsubnet=<remote-subnet>

Am i missing something in this? The tunnel will not go up. I also cannot
see an ip route between the remote subnet and mine.
Can you please help me troubleshoot this?

Thank You.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20170214/c6fa79d6/attachment.html>


More information about the Users mailing list