Ola Allan A Freeswan trabalha com Ipsec, ou seja, protocolo 50 e 51 e tambem a porta 500 UDP.
Eu normalmente cadastro os parametros "leftnexthop" e "rightnexthop" com o Default Gateway do link WAN de cada rede. Tambem costuma dar problemas ao gerar a chave publica quando o nome da maquina nao esta cadastrado no /etc/hosts. Atenciosamente Fabiane --- Allan Patrick Ksiaskiewcz <[EMAIL PROTECTED]> wrote: > Como v�o? Li seus artigos sobre VPN, gostaria de > saber > se vcs tem cliente usando ip residencial. E se ao > acaso vc conhece algum modo de mudar a porta que o > freeswan trabalha.... > Estou tendo o problema > ipsec_setup: KLIPS ipsec0 on ppp0 > 200.181.229.216/255.255.255.255 pointopoint > 200.181.228.254 > Aug 11 15:00:46 loja ipsec_setup: ...FreeS/WAN IPsec > started > Aug 11 15:00:48 loja ipsec__plutorun: 003 > "conINFOLINO": route-client command exited with > status > 7 > Aug 11 15:00:48 loja ipsec__plutorun: 025 > "conINFOLINO": could not route > Aug 11 15:00:48 loja ipsec__plutorun: ...could not > route conn "conINFOLINO" > > > ---MEU ARQ DE CONF --- > # /etc/ipsec.conf - FreeS/WAN IPsec configuration > file > > # More elaborate and more varied sample > configurations21 23 25 80 137 138 1352 1503 1720 5631 > can be found > # in FreeS/WAN's doc/examples file, and in the HTML > documentation. > > > > # basic configuration > config setup > # THIS SETTING MUST BE CORRECT or almost nothing > will > work; > # %defaultroute is okay for most simple cases. > interfaces=%defaultroute > # Debug-logging controls: "none" for (almost) > none, > "all" for lots. > klipsdebug=none > plutodebug=none > # Use auto= parameters in conn descriptions to > control startup actions. > plutoload=%search > plutostart=%search > # Close down old connection when new one using same > ID shows up. > uniqueids=yes > > > > # defaults for subsequent connection descriptions > # (mostly to fix internal defaults which, in > retrospect, were badly chosen) > conn %default > keyingtries=0 > disablearrivalcheck=no > authby=rsasig > leftrsasigkey=%dns > rightrsasigkey=%dns > > > > # connection description for (experimental!) > opportunistic encryption > # (requires KEY record in your DNS reverse map; see > doc/opportunism.howto) > conn me-to-anyone > left=%defaultroute > right=%opportunistic > keylife=1h > rekey=no > # uncomment this next line to enable it > # auto=route > > > > # sample VPN connection > conn conINFOLINO > # Left security gateway, subnet behind it, next hop > toward right. > [EMAIL PROTECTED] > left=200.181.229.216 > leftsubnet=192.168.2.0/24 > leftrsasigkey=0sAQN... > #leftnexthop=10.22.33.44 > # Right security gateway, subnet behind it, next > hop > toward left. > [EMAIL PROTECTED] > right=200.181.228.30 > rightsubnet=10.0.0.0/8 > rightrsasigkey=0sAQO... > #rightnexthop=10.101.102.103 > # To authorize this connection, but not actually > start it, at startup, > # uncomment this. > auto=route > > Ja fiz ate reza brava e nada... Sei que posso > alterar > a interfaces=%defaultroute, mas mesmo assim nao da. > O > ipsec.secrets ta blz tbm.... E o erro > ipsec__plutorun: > ...could not route conn "conINFOLINO" > continua. Ja tentei com cl9 e cl8 kernel nativo. > > > Valeu > > > Allan Patrick > > > > > > > > > > Segundo a Basiltelecom as portas bloqueadas s�o... > > 21 > 23 > 25 > 80 > 137 > 138 > 1352 > 1503 > 1720 > 5631 > > > > _______________________________________________________________________ > Conhe�a o novo Cad�? - Mais r�pido, mais f�cil e > mais preciso. > Toda a web, 42 milh�es de p�ginas brasileiras e nova > busca por imagens! > http://www.cade.com.br > _______________________________________________ > slack-users mailing list > [EMAIL PROTECTED] > http://www.linuxmag.com.br/mailman/listinfo/slack-users __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
_______________________________________________ slack-users mailing list [EMAIL PROTECTED] http://www.linuxmag.com.br/mailman/listinfo/slack-users
