[rlug] openswan net-to-net problem

Mon, 11 Jun 2007 04:05:43 -0700 

Hello again,

Luat openswan-2.4.8, compilat si instalat pe ambele masini utilizind
suportul built in kernel 2.6 pentru IPsec stack (NETKEY) (rpmbuild -ta
--clean --target=i686 openswan-2.4.8.tar.gz & rpm -ivh
/home/alex/rpm/RPMS/i686/openswan-2.4.8-1.i686.rpm)

Ambele gateway-uri au adrese de IP publice, exact asa cum spun ei in
exemplul acesta: http://wiki.openswan.org/index.php/Openswan/Configure.

Generat left si right RSA key pe ambele masini, copiat cheile in ipsec.conf,
editat/copiat ipsec.conf (identic pe ambele masini):

conn mail-to-nx
   left=1.2.3.4 (adresa publica left net)
   leftsubnet=192.168.0.0/24
   [EMAIL PROTECTED]
   leftrsasigkey=0sAQPZpo...
   leftnexthop=%defaultroute
   right=5.6.7.8 (adresa publica right net)
   rightsubnet=10.0.0.0/24
   [EMAIL PROTECTED]
   rightrsasigkey=0sAQPcC...
   rightnexthop=%defaultroute
   auto=add

Pe ambele masini (centos4.5, kernel 2.6.9-55.EL) dau jos firewall-ul si
incerc sa pornesc tunelul.

Pe masina mail (din stinga) incerc asa cum spun ei:
[EMAIL PROTECTED] ~]# ipsec auto --up mail-to-nx
whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
Pornesc pluto:
[EMAIL PROTECTED] ~]# /usr/libexec/ipsec/pluto
[EMAIL PROTECTED] ~]# ipsec auto --up mail-to-nx
024 need --listen before --initiate
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Acelasi mesaj si pe nx dupa ce urmez pasii de mai sus? Care sa fie problema?

Mersi,
Alx
_______________________________________________
RLUG mailing list
[email protected]
http://lists.lug.ro/mailman/listinfo/rlug

Raspunde prin e-mail lui