> My first/immediate problem is that if I do not name the tunnel-group > "192.168.0.207" (the IP of the tunnel initiator host) I can't get the tunnel > up. > I'd like to be able to have different tunnel-group names (like: "tunnel-group > marketing", "tunnel-group economy", etc.) and not something like > "tunnel-group 192.168.0.207" because this is silly. Plus I can't know > beforehand what IP-addresses my roaming clients are going to have in a > real-world scenario.
Take this up with CISCO and look for help regarding that elsewhere. This is probably not the right ML for that. > The second issue I have is that when I manage to get the tunnel established > (by having "tunnel-group 192.168.0.207" on ASA) I still can't get traffic > through the tunnel (for example ping the PC from the Debian testing host). Check if the ASA gets and processes the packets. Also check if the packets make it onto the LAN behind the ASA. Also check the return path. > I am providing logs, config files and network captures for my two test cases > in the attached tarball. > > Any help/hint about what I am doing wrong or missing is greatly appreciated! > > Oh, one more thing: is there any convenient way to do online searches in > the mailing list archive? > https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests "Search the mailing list using google and google search syntax (use the site: keyword in the search request for google to specify the site that google should print results for. E.g. site:strongswan.org NO_PROP_CHOSEN)" > > --- > Sorin -- Mit freundlichen Grüßen/Kind Regards, Noel Kuntze GPG Key ID: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
