Hi Joey,

Charles picked up the obvious problem of the spelling mistake in left and rightnexthop. However, you haven't said what the symptoms of the problem are (assuming this isn't it!).

Every time I've had problems with RSA keys it related to whitespace in the file or a hidden carriage return. The key must not be broken with a return, it must wrap all on its own! Using the copy function in Putty always resulted in a need for some careful deleting. Also, the syntax in .secrets is also fussy this way.

If the spelling error doesn't fix things, give us some info on what's happening. Does it load but not connect? Or not load at all?

You might also try putting the left and right id parameters in there... I was under the impression this was needed to match with ipsec.secrets. Using left and rightfirewall=yes seems to be necessary to poke the correct holes in the firewall to allow the traffic to pass.

Brock

| Message: 6
| Reply-To: <[EMAIL PROTECTED]>
| From: "Joey Officer" <[EMAIL PROTECTED]>
| To: "LRP Support" <[EMAIL PROTECTED]>
| Date: Fri, 1 Mar 2002 00:02:44 -0600
| Subject: [Leaf-user] ipsec.conf assistance..
|
| Ok, it's been a while since last I had a real chance to work on this, and now
| finally I'm getting into it...
|
| I got all of the packages on the diskette (thanks again for so much help
| from Lynn and Charles), and I got the serial device working (I feel like
| such a dolt, I never checked the cable, thanks Charles) but now, after I
| think I've written a very generic .conf file for ipsec, it's bombing, and I'm
| not able to connect to the other site. Attached is a copy of my ipsec.conf.
| but I'm unable to get any results...
|
| # system wide setup
| config setup
|         interfaces=%defaultroute
|         klipsdebug=none
|         plutodebug=none
|         plutoload=%search
|         plutostart=%search
|         # uniqueids=yes # not yet, otherwise it'll only allow one connection
|
| conn %default
|         keyingtries=0
|         authby=rsasig
|
| # left is joey's hose
| # right is the shop
| conn home-office
|         left=66.25.44.147
|         leftnexthope=66.25.44.1
|         leftsubnet=192.168.3.0/24
|         leftrsasigkey= < removed for space>
|         right=66.25.18.71
|         rightnexthope=66.25.18.1
|         rightsubnet=192.168.1.0/24
|         rightrsasigkey= <removed for space>
|
| I still have uniqueids commented out because I read that to be that it would
| only allow one connection at a time, ie only one user at a time to a
| specific connection, want to be able to give the whole office access to the
| other network. Can someone point out the obvious errors, and possibly give
| me some assistance in getting this up...
|
| Joey
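A small linter for the two failure modes raised in this thread (a misspelled parameter such as leftnexthope, and an RSA key value broken by a line break or a hidden carriage return), added here as an example and not part of the original messages. The parameter allow-list is a partial one assembled for the example, `lint_ipsec_conf` is a hypothetical name, and the sample config is constructed.

```python
import re

# Partial allow-list assembled for this example (FreeS/WAN-style names);
# extend it from the ipsec.conf man page of the version in use.
SIDE_SUFFIXES = {"", "subnet", "nexthop", "id", "rsasigkey", "firewall", "updown"}
GENERAL = {"authby", "keyingtries", "auto", "type", "also"}
KNOWN = GENERAL | {s + x for s in ("left", "right") for x in SIDE_SUFFIXES}

# Constructed sample: a typo on line 3, a wrapped key on line 5, CRLF on line 6.
SAMPLE = (
    b"conn home-office\n"
    b"    left=192.0.2.10\n"
    b"    leftnexthope=192.0.2.1\n"
    b"    leftrsasigkey=0sAQOconstructed\n"
    b"        Placeholder\n"
    b"    right=198.51.100.20\r\n"
    b"    rightnexthop=198.51.100.1\n"
)

def lint_ipsec_conf(data: bytes):
    """Return (line_number, message) findings for the conn sections of a config."""
    findings, in_conn, last_key = [], False, None
    for no, raw in enumerate(data.split(b"\n"), 1):
        if raw.endswith(b"\r"):
            findings.append((no, "hidden carriage return at end of line"))
        line = raw.decode("ascii", "replace").rstrip("\r")
        text = line.strip()
        if not text or text.startswith("#"):
            continue
        if not line[0].isspace():  # a section header starts in column 0
            in_conn, last_key = text.split()[0] == "conn", None
            continue
        if not in_conn:
            continue
        m = re.match(r"([A-Za-z0-9_-]+)\s*=(.*)", text)
        if not m:  # no name=value: most likely a value wrapped by a stray return
            wrapped = last_key and last_key.endswith("rsasigkey")
            findings.append((no, f"{last_key} value is broken across lines"
                             if wrapped else "not a name=value line"))
            continue
        last_key, value = m.group(1), m.group(2).strip()
        if last_key not in KNOWN:
            findings.append((no, f"unknown parameter '{last_key}'"))
        if last_key.endswith("rsasigkey") and re.search(r"\s", value):
            findings.append((no, f"whitespace inside {last_key} value"))
    return findings

if __name__ == "__main__":
    for no, msg in lint_ipsec_conf(SAMPLE):
        print(f"line {no}: {msg}")
```
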
