RE: [leaf-user] What is latest Freeswan for Bering 1.2?

Tibbs, Richard Wed, 10 Nov 2004 10:57:43 -0800

Here is the ipsec.conf file.  If you want a barf, let me know.
TIA Rick.
# /etc/ipsec.conf - FreeS/WAN IPsec configuration file


 

# More elaborate and more varied sample configurations can be found

# in FreeS/WAN's doc/examples file, and in the HTML documentation.

 

 

 

# basic configuration

config setup

        # THIS SETTING MUST BE CORRECT or almost nothing will work;

        # %defaultroute is okay for most simple cases.

        interfaces=%defaultroute

        #interfaces="ipsec0=eth0"

        # Debug-logging controls:  "none" for (almost) none, "all" for
lots.    
        klipsdebug=none

        plutodebug=none

        # Use auto= parameters in conn descriptions to control startup
actions. 
        plutoload=%search

        plutostart=%search

        # Close down old connection when new one using same ID shows up.

        uniqueids=yes

        nat_traversal=no


# defaults for subsequent connection descriptions

conn %default

        # How persistent to be in (re)keying negotiations (0 means
very).       
        keyingtries=0

        # RSA authentication with keys from DNS.

        #authby=rsasig

        # Authentication by pre-shared secret key

        authby=secret

        right=137.45.192.190

        #left=%defaultroute

        rightsubnet=192.168.10.0/24

        #leftnexthop=%direct

        rightfirewall=yes

        pfs=yes

        auto=add

        #leftrsasigkey=%dns

        #rightrsasigkey=%dns

 

conn road-warrior

        left=%any



-----Original Message-----
From: Charles Steinkuehler [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, November 10, 2004 1:42 PM
To: Tibbs, Richard
Cc: [EMAIL PROTECTED]
Subject: Re: [leaf-user] What is latest Freeswan for Bering 1.2?

Tibbs, Richard wrote:

> On the feature issue: We have had a problem with messages in the log
> files saying "no route available".
> I have a successful road warrior from just outside the firewall, but
> across campus, (beyond the next router) things stop working with the
> above message.
> 
> I was hoping an upgrade to 1.99.8 or beyond might be better.  
> Upgrading is fairly easy once I have a 2.4.x glibc binary.

Do you have appropriate [left|right]nexthop stanzas in your connection 
descriptions?  This doesn't sound like a problem that will be solved by
a 
newer version of [free|open]s/wan.

-- 
Charles Steinkuehler
[EMAIL PROTECTED]



-------------------------------------------------------
This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
http://ads.osdn.com/?ad_idU88&alloc_id065&op=click
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] What is latest Freeswan for Bering 1.2?

Reply via email to