Hello guys,

I am a newbie with Openswan, and a support service asked me to create a VPN connection with them using only public IP addresses.

So I have been trying for several days to establish the following connection (in a simulated network environment):

left subnet       -----> left VPN gw    -----> right VPN gw   -----> right subnet
88.xxx.yyy.abc/32 -----> 88.xxx.yyy.rst -----> 85.ttt.www.npq -----> 85.ttt.www.def/32

where

88.xxx.yyy is the same subnet for the VPN gw and the left subnet, and the same applies to 85.ttt.www.

The left and right subnets have 88.xxx.yyy.rst and 85.ttt.ww.npq as their own network gateways, respectively.

Both VPN gateways, in the simulated network environment, have Openswan 2.49 on Linux kernel 2.6.24-19 and Shorewall 4.0.6 single interface as firewall. The two subnet hosts have Linux kernel 2.6.24-19 and Shorewall 4.0.6 single interface as firewall.

I can establish the VPN connection between the gateways, as shown by the following output:

ipsec auto --status
....
r...@rightvpngw:~# #428: "VpnTest":500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 1256s; newest IPSEC; eroute owner
000 #428: "VpnTest" [email protected] [email protected] [email protected] [email protected]
000 #426: "VpnTest":500 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 826s; newest ISAKMP; lastdpd=-1s(seq in:0 out:0)
r...@rightvpngw:~# 000 #428: "VpnTest" [email protected] [email protected] [email protected] [email protected]

but it seems I cannot reach the two hosts in the subnets.

I checked the firewall and found no reject or drop messages, so I think it is a routing problem.

Can anyone help me asap?

Thanks in advance and Regards.
--
_________________________________________________
*/Gianni Socionovo/*
/E-Business Manager/
MEP S.p.A.
Via Papa Giovanni XXIII, 49
61045 Pergola (PU)
ITALY
/email: [email protected]/
/Web Page: http://www.mepsaws.com/
Tel. +39 0721 737262
Fax. +39 0721 734533
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
