I have managed to set up a connection between a Lancom 1612 router, a company
well-known in Germany (former ELSA), and I would like to contribute an
interoperating description once everything is working. But I have a problem
that is not related to the VPN router: on one end of the tunnel, the packets
do not propagate into the internal network.
Here is the configuration:
192.168.2.x/255.255.255.0===LANCOM (dynamic IP)-> INTERNET
<-static router (a.b.c.133)<-FreeSwan (a.b.c.134)===172.17.x.x/255.255.0.0
I can
- establish a connection between the two VPN gateways
- ping the internal address of the FreeSwan gateway 172.17.0.45 from "left"
network
I cannot
- ping another system in the "right" network
- ping anything on the left side from the right side
This seems to me to be a routing issue. Firewalling is not involved; I checked
this by switching off all firewalls.
Here is my FreeSwan 2.01 non-opportunistic configuration:
conn test
    authby=secret
    pfs=no
    left=a.b.c.134
    [EMAIL PROTECTED]
    leftsubnet=172.17.0.0/255.255.252.0
    leftnexthop=a.b.c.133
    right=%any                  # Remote information
    [EMAIL PROTECTED] #
    rightsubnet=192.168.2.0/255.255.255.0
    auto=add                    # authorizes but doesn't start this
                                # connection at startup
I am not sure why I need the leftnexthop parameter; this router is a static
router without NAT. But if I leave it out, I do not get a connection because
the inserted route command fails. (FreeSwan then sets the dynamic IP of the
other end as gateway)
Does anybody have a clue what I am doing wrong?
Yours
Jakob Curdes
_______________________________________________
FreeS/WAN Users mailing list
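
Added example (not part of the original post and not FreeS/WAN code): the diagram above gives the network behind the FreeSwan gateway as 172.17.x.x/255.255.0.0, while the conn declares leftsubnet=172.17.0.0/255.255.252.0, so one check for a setup like this is which hosts the declared subnets actually cover. Assumptions: the masked a.b.c.x addresses are replaced by constructed documentation addresses, the redacted lines are left out, and every host other than 172.17.0.45 is constructed.

```python
import ipaddress

# Constructed sample: the conn from the post, with the masked a.b.c.x
# addresses replaced by documentation addresses and the redacted lines omitted.
SAMPLE_CONN = """\
conn test
    authby=secret
    pfs=no
    left=192.0.2.134
    leftsubnet=172.17.0.0/255.255.252.0
    leftnexthop=192.0.2.133
    right=%any   # Remote information
    rightsubnet=192.168.2.0/255.255.255.0
    auto=add
"""


def parse_conn(text):
    """Return {key: value} for the key=value lines of one conn section."""
    params = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop trailing comments
        if "=" in line:
            key, value = line.split("=", 1)
            params[key.strip()] = value.strip()
    return params


def selector(params, side):
    """Network for leftsubnet/rightsubnet; accepts dotted masks or prefix lengths."""
    return ipaddress.ip_network(params[side + "subnet"], strict=True)


def covered(params, side, host):
    """True if host falls inside that side's declared tunnel subnet."""
    return ipaddress.ip_address(host) in selector(params, side)


if __name__ == "__main__":
    conn = parse_conn(SAMPLE_CONN)
    lan = ipaddress.ip_network("172.17.0.0/255.255.0.0")  # mask from the diagram
    print("declared:", selector(conn, "left"), "| LAN in diagram:", lan)
    # 172.17.0.45 is from the post; the other two hosts are constructed.
    for host in ("172.17.0.45", "172.17.3.200", "172.17.4.10"):
        print(host, "covered by leftsubnet:", covered(conn, "left", host))
```

A host that is inside the /16 on the LAN but outside the declared /22 is not matched by the tunnel, which looks like a routing failure from either side.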