Hi Such problems you are describing often indicate routing problems. Check this first. In your case I would tend to say that your box behind the freeswan box (172.17.0.45) has no gateway.
HTH philipp > I have managed to setup a connection between a Lancom 1612 > router, a company > well-known in Germany (former ELSA), and I would like to contribute a > interoperating description once everything is working. But I > have a problem > that is not related to the VPN router : on one end of the > tunnel, the packets > do not propagate into the internal network. > > Here is the configuration : > > > 192.168.2.x/255.255.255.0===LANCOM (dynamic IP)-> INTERNET > > <-static router (a.b.c.133)<-FreeSwan > (a.b.c.134)===172.17.x.x/255.255.0.0 > > I can > - establish a connection between the two VPN gateways > - ping the internal address of the FreeSwan gateway > 172.17.0.45 from "left" > network > > I cannot > - ping another system in the "right" network > - ping anything on the left side from the right side > > This seems to me to be a routing issue. Firewalling is not > involved; I checked > this by switching off all firewalls. > > Here is my FreeSwan 2.01 non-opportunistic configuration : > > conn test > authby=secret > pfs=no > left=a.b.c.134 > [EMAIL PROTECTED] > leftsubnet=172.17.0.0/255.255.252.0 > leftnexthop=a.b.c.133 > right=%any # Remote information > [EMAIL PROTECTED] # > rightsubnet=192.168.2.0/255.255.255.0 > auto=add # authorizes but doesn't start this > # connection at startup > > I am not sure why I need the leftnexthop parameter; this > router is a static > router without NAT. But if I leave it out, I do not get a > connection because > the inserted route command fails. (FreeSwan then sets the > dynamic IP of the > other end as gateway) > > > > Does anybody have a clue what I am doing wrong ?? > > Yours > Jakob Curdes > > _______________________________________________ > FreeS/WAN Users mailing list > [EMAIL PROTECTED] > https://mj2.freeswan.org/cgi-bin/mj_wwwusr > _______________________________________________ FreeS/WAN Users mailing list [EMAIL PROTECTED] https://mj2.freeswan.org/cgi-bin/mj_wwwusr
