Homer Parker wrote the following at 22:00 11.03.2003:
Trying to implemetn a VPN, and having a minor blockage in my thought process. Running Bering 1.0 as the router in the following layout:
Internet - eth0 firewall eth1 - wireless - eth0 router eth1 - LAN2 | 10.0.1.0/24 LAN1 10.0.0.0/24
Wanting to run a VPN to secure the wireless from eth1 on the firewall to
eth0 on the router.. I have shorewall configured as I do in other working
VPNs (I'm not really needing the firewalling, but I don't think it will
hurt anything), the problem I'm having is getting the tunnel itself up,
and the routing configured.. If I allow eth0 on the router to DHCP, it's
in the subnet I'm tring to tunnel, and Freeswan complains accordingly. If
I set it to 10.0.1.x, it complains "RTNETLINK answers: Network is
unreachable" and then "`ip route add 10.0.0.0/24 dev ipsec0 via 10.0.0.1'
failed". If I set it to 10.0.2.x, it then complains that "we have no
ipsecN interface for either end of this connection".. If someone could
kick me in the right direction it would be appreciated. I think the
problem is in the addressing/routing somewhere, I just can't find the
right combination.. I have tried the sections "Wireless" and "The Internet
as a big subnet" on the following page:
I have set up a simulation of such a set up recently, I used a cable to simulate the wireless segment (no wireless cards for the moment), but I believe this should not make a difference.
You might want to show a detailed sketch of your system including routing, shorewall info, ipsec.conf .... you name it.
Be sure to include all addresses of all interfaces in your set up.
HTH
Erich
THINK P�ntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16
------------------------------------------------------- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
