[leaf-user] Bering/IPSec/WiFi/Win2K/Shorewall (update)

Fri, 05 Dec 2003 21:09:00 -0800 

Good day to all: 

I'm still fighting the good fight attempting to configure IPSec over my 
wireless link.  For those playing along at home, the pertinent machines 
are: 

ice     192.168.1.99
voodoo  192.168.1.1
hex     192.168.1.3
hijinx  192.168.1.69

Alright.  hijinx is my wifi router; since ice (Bering 1.2) does all of the 
work, it's more of an access point with 4 wired ports.  It's on the same 
interface (eth0) as the rest of the lan.  voodoo's my main (wired) win2k 
workstation, and hex is my win2k (wifi) laptop.  

All Win2K workstations use ice as the gateway to the internet (dialup, if 
it's important).  There is no firewalling at the wifi router.  
Currently, my ipsec.conf is as follows: 

config setup
        interfaces="ipsec0=eth0"
        klipsdebug=none
        plutodebug=none
        plutoload=%search
        plutostart=%search
        uniqueids=yes

conn %default
        type=tunnel
        keyexchange=ike
        keyingtries=0
        compress=yes
        disablearrivalcheck=no
        authby=secret
        leftfirewall=yes

# Raw Data Lab Wifi connection(s)
conn w2kwifi
        leftsubnet=0.0.0.0/0
        right=%any
        left=192.168.1.99
        auto=add
        pfs=yes

conn block
        auto=ignore
conn private
        auto=ignore
conn private-or-clear
        auto=ignore
conn clear-or-private
        auto=ignore
conn clear
        auto=ignore
conn packetdefault
        auto=ignore

What this allows me to do is establish the tunnel, ping ice, and surf the 
net.  However, I am still unable to ping any machine on the LAN (voodoo, 
ice).  I've tried all kinds of subnets, nexthops, and subnetwithins: no 
joy.  

I'm fairly sure it's a routing issue.  However, I have no idea how to 
resolve it.  Again, I throw myself on the mercies of the Beringati.  
If it helps any, here's my routing table when a link has been established: 

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use 
Iface
192.168.1.3     192.168.1.3     255.255.255.255 UGH   0      0        0 
ipsec0
207.41.164.254  0.0.0.0         255.255.255.255 UH    0      0        0 
ppp0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 
eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 
ipsec0
0.0.0.0         207.41.164.254  0.0.0.0         UG    0      0        0 
ppp0

Thanks in advance...

:Max





-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to