----- Original Message ---- From: Vali Dragnuta <[EMAIL PROTECTED]> To: Romanian Linux Users Group <rlug@lists.lug.ro> Sent: Wednesday, 28 November, 2007 11:36:38 PM Subject: Re: [rlug] ipsec server sub debian vs. cisco
On Wed, 2007-11-28 at 20:30 +0000, cristina vintila wrote: > > > Salut, > > Hey. Imi cer scuze pt. top-posting-ul din mailurile anterioare. > > > Acl trebuie sa fie facut pe subneturile care vrei sa le conectezi cu > > ipsec > > > Ai definit aici > > conn ipsec01-cisco6500 > > left=19.1.255.254 > > leftsubnet=19.2.0.0/16 linux net > > right=19.1.255.253 > > rightsubnet=66.6.0.0/16 cisco net > > auto=add > > authby=secret > > auth=esp > > compress=no > > pfs=yes > > esp=3des-md5-modp1024 > > ike=3des-md5-modp1024 > > keyexchange=ikev1 > > mobike=no > > hello > 1). auto=start am pus, dat restart la ipsec, problema persista (cu toata descrierea din mailul anterior) > 2). cred ca e a 3-a oara cind iti zic sa dai > ipsec barf |grep ipsec01-cisco6500 din cate vad pe net, barf nu e suportat in versiunea mea (4.1.8-2) de strongswan :( > 3). cind dai ping de pe masina linux trebuie sa ai grija sa dai de pe > interfata care se afla in leftsubnet. Cu alte cuvinte, de pe linux dai > ping -I 192.2.X.Y 66.6.M.N am dat comanda asa si am echo reply, necriptat ...cred ca este acelasi lucru cu i) ping de la masina 66.6.0.10 catre linux-interfata-interna 19.2.0.254 => succes, fara ipsec ! mersi, cristina _______________________________________________ RLUG mailing list RLUG@lists.lug.ro http://lists.lug.ro/mailman/listinfo/rlug ___________________________________________________________ Want ideas for reducing your carbon footprint? Visit Yahoo! For Good http://uk.promotions.yahoo.com/forgood/environment.html _______________________________________________ RLUG mailing list RLUG@lists.lug.ro http://lists.lug.ro/mailman/listinfo/rlug
