Dear all, good morning.
I am having trouble establishing a VPN tunnel with a CheckPoint VPN-1
using Linux+OpenSWAN.
The VPN has the following scenario:
Box CheckPoint
IKE
3DES-MD5-MODP1024
PSK
Both ends have a dedicated link with a fixed IP.
My /etc/ipsec.conf
config setup
    interfaces="ipsec0=eth0"
    klipsdebug=none
    plutodebug=none

conn checkpoint-freeswan
    type=tunnel
    left=189.x.x.z
    right=189.x.x.y
    keyexchange=ike
    auth=esp
    auto=start
    authby=secret
    ike=3des-md5-modp1024
    esp=3des-md5
    pfs=no

conn net-checkpoint-net-freeswan
    type=tunnel
    left=189.x.x.z
    leftsubnet=10.1.0.0/16
    right=189.x.x.y
    rightsubnet=192.168.0.0/24
    keyexchange=ike
    auth=esp
    auto=start
    authby=secret
    ike=3des-md5-modp1024
    esp=3des-md5
    pfs=no
My /etc/ipsec.secrets
189.x.x.z 189.x.x.y : "minhaChaveSecreta"
I followed this example:
http://www.fw-1.de/aerasec/ng/vpn-freeswan/CP-FW1-NG+Linux-FreeSWAN-Gateway.html
I carefully checked all the data in my /etc/ipsec.conf and
/etc/ipsec.secrets
However, when I run ipsec setup --start, the log returns the following:
Aug 12 17:35:29 xwindow ipsec__plutorun: 022 "checkpoint-freeswan": we cannot identify ourselves with either end of this connection
Aug 12 17:35:29 xwindow ipsec__plutorun: 022 "net-checkpoint-net-freeswan": we cannot identify ourselves with either end of this connection
Aug 12 17:35:29 xwindow ipsec__plutorun: 022 "checkpoint-freeswan": We cannot identify ourselves with either end of this connection.
Aug 12 17:35:29 xwindow ipsec__plutorun: 022 "net-checkpoint-net-freeswan": We cannot identify ourselves with either end of this connection.
And the tunnel is not established.
Has anyone already set up a VPN between Linux and CheckPoint?
Thank you.
--
Wagner Santos
81 9127 9823 / 81 8781 9823
wagnerpaxs @NOSPAM gmail.com
wagner @NOSPAM dotlinux.net
ICQ: 83709017 | Jabber: [email protected]
Linux User #408917
DotLinux.Net - http://www.dotlinux.net/
Debian-PE - http://pe.debianbrasil.org/