On Tue, 19 Aug 2003, Richard Sbarro wrote: > # basic configuration > config setup > # THIS SETTING MUST BE CORRECT or almost nothing will work; > # %defaultroute is okay for most simple cases. > interfaces=%defaultroute > # Debug-logging controls: "none" for (almost) none, "all" for lots. > klipsdebug=all > plutodebug=all
Please do not use those debugging functions to debug connections. those are meant for debugging *code*. > conn me-to-anyone > left=%defaultroute > right=%opportunistic > keylife=1h > rekey=no > # for initiator only OE, uncomment and uncomment this > # after putting your key in your forward map > [EMAIL PROTECTED] > # uncomment this next line to enable it > #auto=route It is safer to use auto=ignore instead of commenting out the auto= line, since some freeswan's enable opportunistic if no disable route has been defined. > conn doug > left=192.168.0.4 > leftsubnet=192.168.0.0/24 > right=67.80.95.17 > rightsubnet=192.168.1.0/32 > > keyexchange=ike > authby=secret > pfs=yes > ikelifetime=3600s > type=tunnel > esp=3des-md5-96 That empty line should in the middle of the conn should not be there. Freeswan is (unfortunately) very picky about whitespace. > + cat /proc/sys/net/ipv4/ip_forward > 0 Since you;'re tunneling subnets, you should enable ip_forwarding (often defined in /etc/sysctl.conf) > nvidia 1537984 10 off topic: is that driver better then the NVdriver from NVIDIA itself? :) I seem to be missing log entries at the end of the barf. Those would indiciate more precisely what the problem would be. Perhaps look in some other logfiles for more data, or change syslog.conf to log to /var/log/secure? Paul _______________________________________________ FreeS/WAN Users mailing list [EMAIL PROTECTED] https://mj2.freeswan.org/cgi-bin/mj_wwwusr
