Hi,
I would like to establish an IPsec connection from one site to another.
Site A is a Cisco ASA and site B is a Linux Debian Wheezy.
On site A we don't have any access, but on site B we can do what we want.
I installed Shorewall 4.5.5.3 and openswan 1:2.6.37-3+deb7u1.
I spent a lot of time trying to connect those 2 sites like this:

                      site B                                            site A
[ 10.1.0.0 ] -----[ 10.1.0.1 / eth0 143.123.123.121/28 ] ..... [ 190.120.87.165 ]---[193.198.43.0]
                               eth0 143.123.123.122

This would be relatively simple if Site A did not want NAT in the VPN. In fact
they want to see only one source address from network B, for example
143.123.123.122. They don't want to see RFC 1918 addresses in subnet B.
I read and reread the Shorewall pages but I'm a little bit confused now.
I can establish IPsec phase I but not the second. IPsec therefore works, but it
appears that phase II is stuck.
My part of config:

interfaces
    vpn ppp0 -
    net eth0

hosts
    vpn eth0:193.198.43.0/24 ipsec

masq
    eth0 10.1.0.0/24 143.123.123.122 - - - mode=tunnel,tunnel-dst=193.198.43.0/24

tunnels
    ipsec net 190.120.87.165/32 vpn

Many thanks in advance for your help and insight ....
Gilbert R.
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users