OK, I'll try to consolidate a reply to all the responses from my original issue into a single email:
1. When I ping from the astlinux box to an alix2 running askozia on the remote network behind the PIX I see the number of packets transmitted with a 100% loss. When I ping from the alix2 to my netgear switch behind the astlinux gateway I see the same results. For this test I used a Cisco IPsec client under Vista to connect to the remote PIX, then using PuTTY, I made an SSH connection to the alix2 to ping back into my local network. 2. After reading Lonnie's comments about the double-quoting around the pre-shared key, I'm sure this is at least one of my problems. I will put double-quotes around the psk, tomorrow and test with the same key defined w/o double-quotes in astlinux. I'll let you know if that does the trrick. 3. Regarding the addressing, astlinux lead me to believe that it supported a dynamic end-point because the default value in the local-host ip field is $EXTIP. Is this a legit value, or should I change it to the actual IP used by the WAN i/f, even if it might change in the future? Is it possible that a future version might support at least one dynamic endpoint? On a totally different subject, I have a Sangoma A200 installed in the net 5501 w/ astlinux. Initially, I had a lot of trouble getting it to work w/ astlinux until I saw a web post mentioning that Sangoma's WANpipe utilities didn't run properly under astlinux. I got the system to work by copying the appropriate config files from an image of FreeBSD 7.1 I previously built for the same system. Am I accurate in stating that there is a problem running the WANpipe config utility w/ astlinux? FYI, the reason I tried astlinux is because Sangoma's support for FreeBSD is only marginally better at this point. There seems to be a compatibility issue with the latest port of Zaptel, and apparently Sangoma recently dropped support for FreeBSD... although they didn't state that on their website until a few days after I complained to them. I guess I could have returned the board, but it has been working very well w/ astlinux (once I got it configured). Also, last FYI, I really appreciate all the help I've received on the mailing list. You guys are great! -tm -----Original Message----- From: Lonnie Abelbeck [mailto:li...@lonnie.abelbeck.com] Sent: Monday, September 14, 2009 8:52 PM To: AstLinux Users Mailing List Subject: Re: [Astlinux-users] VPN with Cisco PIX On Sep 14, 2009, at 6:55 PM, Tom Mazzotta wrote: > I'm running astlinux-0.6.7 (Asterisk 1.4.26) on a Soekris net 5501 > and I am trying to setup a gateway to gateway VPN with a Cisco PIX > device. Both devices have external interfaces on the internet > (static IP for PIX and dynamic for soekris). Tom, I forgot to mention that you need to use static IP addresses for each IPsec endpoint, since AstLinux uses a pre-shared key with main mode. If the (dynamic) IP address on the AstLInux end changes you will have a problem. Lonnie ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org. ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
