Hello

i have a a testing setup with ipsec between 3 linux bering firewalls and
a zywall 10 router, all on static ip address i also have roadwarrior
support from dhcp clients on isdn/modem line using windows 98/ssh
sentinel and windows 2000/xp (with the aid of vpn.ebootis.de)

my problem arises when i try to setup a lan-lan tunnel between my master
vpn  bering firewall and a adsl gateway 

{worklan}----[Bering1 static 194.248.214.187]----{NET}----[Bering2 adsl
dynamic 880.212.112.*]----{homelan}
 
I realise i can't get ipsec on startup since the adsl ppp0 isn't up yet.

but running ipsec setup i expected the tunnel to come up

ipsec_setup: Stopping FreeS/WAN IPsec...
ipsec_setup: stop ordered, but IPsec does not appear to be running!
ipsec_setup: doing cleanup anyway...
ipsec_setup: Starting FreeS/WAN IPsec 1.97...
ipsec_setup: Using /lib/modules/ipsec.o
ipsec_setup: unable to determine address of `ppp0'

I have tried with interface=%defaultroute
and interface="ipsec0=ppp0"

i use the latest bering rc3

# uname -a
Linux frodeadsl 2.4.18 #4 Sun Jun 9 09:46:15 CEST 2002 i586 unknown

# lrpkg -l
Name            Version        Description
===============-==============-==============================================
initrd         
V1.0-rc3                                                     
root           
V1.0-rc3                                                     
etc            
V1.0-rc3                                                     
local           V1.0-rc3       Local package. This package does not
contain a
modules         V1.0-rc3       Modules package. Contains kernel modules
and u
keyboard        0.3            Use this package to adjust the keyboard
settin
dhcpd           2.0pl5         dhcpd - Autoconfigure client
machines         
shorwall        1.3.1          Shoreline Firewall
(Shorewall)                
ppp             2.4.1-pppoe    PPPd
Deamon                                   
pppoe           3.3-1          pppoe add-on for
pppd                         
dnscache        1.05a          dnscache from djbdns (V1.05a) package
creates 
mawk           
1.3.3                                                        
ipsec           1.97           Freeswan
IPSEC                                
libz            1.1.4          zlib compression library. Needed for
openssh  
ssh             3.2.3p1        OpenSSH ssh & scp
programs.                   
sshd            3.2.3p1        OpenSSH sshd daemon. 


# ip addr show
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop 
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:04:75:7c:0a:1c brd ff:ff:ff:ff:ff:ff
4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:04:75:7c:02:0a brd ff:ff:ff:ff:ff:ff
    inet 192.168.20.254/24 brd 192.168.20.255 scope global eth1
9: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1492 qdisc pfifo_fast qlen
3
    link/ppp 
    inet 80.212.112.139 peer 80.212.112.0/32 scope global ppp0
126: ipsec0: <NOARP> mtu 0 qdisc noop qlen 10
    link/ipip 
127: ipsec1: <NOARP> mtu 0 qdisc noop qlen 10
    link/ipip 
128: ipsec2: <NOARP> mtu 0 qdisc noop qlen 10
    link/ipip 
129: ipsec3: <NOARP> mtu 0 qdisc noop qlen 10
    link/ipip 







-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Gadgets, caffeine, t-shirts, fun stuff.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to