There several things you can do: 1. run ipsec verify
2. after configuration of the tunnel edit /etc/ipsec.conf and set klipsdebug=none and plutodebug=none to crypt, control or all. Then restart the tunnel without any changes in the web interface. (this would set the debug options back to none) 3. Is in the 3rd party config a setting of pfsgroup ? The pfsgroup can't be set in openswan 2.4.x. Is has to be always the phase 1 group. The only option is to disable pfs with pfs=no in the connections settings of ipsec.conf. So in the web interface you have to set Phase 1 group. All other settings will fail. This is a bug in the interface. If you have an openswan <-> checkpoint scenario http://www.fw-1.de/aerasec/ng/vpn-freeswan/CPNG+Linux-FreeSWAN.html provides an overview. Thomas >>> Trevor Fowler <[EMAIL PROTECTED]> 28.11.2006 07:10 >>> Hey there, We have a 3 branch setup using Endian Firewall (2.0 respin). These are connected using OpenVPN quire nicely. However, there is a 3rd party that would like to connect to the head office via an IPSEC VPN. We have been unable to establish this connection, and I can't find any sort of "log" or feedback to help diagnose the problem. As a test I have tried to establish an IPSEC VPN connection between the head office and our own Endian FW, but also with no success. So, a couple of questions: 1. Is there a log somewhere that shows the progress of the connection? 2. Is there a "Howto" for setting up IPSEC VPNs on the Endian FW? Any help would be appreciated. Thanks Trevor. -- View this message in context: http://www.nabble.com/IPSEC-VPN-Configuration-tf2716523.html#a7573928 Sent from the efw-user mailing list archive at Nabble.com. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user -------------------------------------------------------------- SHS-Concept GbR Dipl.-Ing. Thomas Heimann Hagener Str.57 D-58642 Iserlohn Germany Tel.: +49 +2374 9209776 Mobil: 0160 94773968 Fax: +49 +2374 9209778 Ust-ID:DE813360908 ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
