[Users] IPsec Ping Problem

Fri, 15 Aug 2003 07:23:15 -0700

Hi List.
I have setup a VPN Lan-to-Lan but don't ping the address invalid (source: Computer A -> Command: ping 192.168.1.1)
When I run ipse barf I have the trouble:

Aug 15 09:00:25 fwijui pluto[2747]: "vpn" #1: ERROR: asynchronous network error report on eth1 for message to 200.240.2.2 port 500, complainant 200.240.2.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]

Aug

 
Computer A
--------                    ---------
192.168.0.1       200.240.1.2
--------                    ---------
   
                |  |
 
Computer B
--------                    ---------
200.240.1.1        200.240.2.1
--------                    ---------
 
                |  |
 
 
Computer C
--------                    ---------
200.240.2.2        192.168.1.1 
--------                    ---------
 
My ipsec.conf
 

/etc/ipsec.conf

# /etc/ipsec.conf - FreeS/WAN IPsec configuration file

# More elaborate and more varied sample configurations can be found

# in FreeS/WAN's doc/examples file, and in the HTML documentation.

 

 

# basic configuration

config setup

# THIS SETTING MUST BE CORRECT or almost nothing will work;

# %defaultroute is okay for most simple cases.

interfaces=%defaultroute

# Debug-logging controls: "none" for (almost) none, "all" for lots.

klipsdebug=none

plutodebug=none

# Use auto= parameters in conn descriptions to control startup actions.

plutoload=%search

plutostart=%search

# Close down old connection when new one using same ID shows up.

uniqueids=yes

 

 

# defaults for subsequent connection descriptions

# (these defaults will soon go away)

conn %default

keyingtries=0

disablearrivalcheck=no

authby=rsasig

leftrsasigkey=%dnsondemand

rightrsasigkey=%dnsondemand

 

# connection description for opportunistic encryption

# (requires KEY record in your DNS reverse map; see doc/opportunism.howto)

conn me-to-anyone

left=%defaultroute

right=%opportunistic

keylife=1h

rekey=no

# for initiator only OE, uncomment and uncomment this

# after putting your key in your forward map

[EMAIL PROTECTED]

# uncomment this next line to enable it

#auto=route

 

# sample VPN connection

conn vpn

left=200.240.1.2

leftsubnet=192.168.1.0/24

leftnexthop=200.240.1.1

# RSA 2192 bits fwijui Fri Aug 15 08:52:07 2003

leftrsasigkey=[keyid AQN01nzNe]

# Right security gateway, subnet behind it, next hop toward left.

right=200.240.2.2

rightsubnet=192.168.2.0/24

rightnexthop=200.240.2.1

# RSA 2192 bits fwpoa Fri Aug 15 08:40:27 2003

rightrsasigkey=[keyid AQOAz6M7T]

auto=start

Attachment: barf
Description: Binary data

_______________________________________________
FreeS/WAN Users mailing list
[EMAIL PROTECTED]
https://mj2.freeswan.org/cgi-bin/mj_wwwusr

Reply via email to