Got it! My biggest problem was that I wasn't restarting ipsec (with 'ipsec setup --restart') when I changed ipsec.conf. I thought I could just do 'ipsec auto --add doug' to reload the settings.

Anyway, the important part of my config file ended up looking like this...

conn doug
   left=%defaultroute
   right=67.80.95.17
   rightsubnet=192.168.1.0/24
   keyexchange=ike
   authby=secret
   pfs=yes
   ikelifetime=3600s
   type=tunnel
   auto=start

Incidentally, this setup should work for a client from outside the network connecting to a LINKSYS VPN router.

Thanks for your help!
Rich

Jakob Curdes wrote:

003 "doug" #15: peer client ID returned doesn't match my proposal



Well, I think this means what it says: the two machines must agree on the IDs, if not, they will not open a tunnel. Let's say you have


westnet===west->internet<-east===eastnet

and your linksys router is "west" then you should tell him to identify himself as "west" and the other side as "east" in this connection. You then should tell FreeSwan that the leftid is "east" (assuming FreeSwan is "East") and the rightid is "west". This message indicates that the other side somehow garbles the IDs in its reply. There was a discussion on this on the list, but I am not sure if it is related to your problem.



Also (unrelated?), it doesn't appear that anything is getting logged to
/var/log/secure. Not sure why that is, but I'm sort of a linux newbie
(running Gentoo this time) so if you have any ideas why...



Do you mean *nothing* or *no messages from IPSec*? If you log in via ssh this should definitely be logged there or your syslog is broken. Look if IPSec logs anything into /var/log/messages at startup. Normally startup messages of the service should go into messages while the connection-related things go into secure.



Hope this helps, Jakob Curdes








_______________________________________________
FreeS/WAN Users mailing list
[EMAIL PROTECTED]
https://mj2.freeswan.org/cgi-bin/mj_wwwusr
