David,

Sorry, wrong list! Please try the FreeS/WAN list.

  http://www.freeswan.org/freeswan_trees/freeswan-1.5/doc/mail.html

-Martin

 : I am trying to connect road-warriors (running on WinXP) to my home network
 : via FreeS/WAN but it does not work.
 : I am using version 1.99 with "plutodebug=all" set in the config but it does
 : not give any output when I try to connect.
 :
 : The client is behind a router in network 192.168.20.0/24, the server is on
 : "my-servers-dns-name" with the internal network 192.168.11.0/24
 :
 : When I did "ping 192.168.11.1", it said "IP Sicherheit wird verhandelt"
 : which means "Negotiating IP security" but the packet logger which was
 : running on the client's router did not log any traffic from/to the server so
 : it seems that WinXP did not attempt to contact the server. The syslog on the
 : server of course also did not show anything about connection attempts.
 : Do you have any idea why this happens?
 :
 : Here are the configs:
 :
 : - Config on the client:
 :
 : conn roadwarrior
 :     left=%any
 :     right=my-servers-dns-name
 :     rightca="C=AT, S=xx, L=xx, O=xx, CN=xx"
 :     network=auto
 :     auto=start
 :     pfs=yes
 :
 : conn roadwarrior-net
 :     left=%any
 :     right=my-servers-dns-name
 :     rightsubnet=192.168.10.0/24
 :     rightca="C=AT, S=xx, L=xx, O=xx, CN=xx"
 :     network=auto
 :     auto=start
 :     pfs=yes
 : ---------------------
 :
 : - Log on the client
 : No RAS connections found.
 : IPSec Version 2.1.4 (c) 2001,2002 Marcus Mueller
 : Getting running Config ...
 : Microsoft's Windows XP identified
 : Host name is: pc1
 : LAN IP address: 192.168.20.1
 : Setting up IPSec ...
 :
 : Deactivating old policy...
 : Removing old policy...
 :
 : Connection roadwarrior:
 :     MyTunnel     : 192.168.20.1
 :     MyNet        : 192.168.20.1/255.255.255.255
 :     PartnerTunnel: my-servers-dns-name
 :     PartnerNet   : my-servers-dns-name/255.255.255.255
 :     CA (ID)      : C=AT, S=xx, L=xx, O=xx, CN...
 :     PFS          : y
 :     Auto         : start
 :     Auth.Mode    : MD5
 :     Rekeying     : 3600S/50000K
 : Activating policy...
 :
 : Connection roadwarrior-net:
 :     MyTunnel     : 192.168.20.1
 :     MyNet        : 192.168.20.1/255.255.255.255
 :     PartnerTunnel: my-servers-dns-name
 :     PartnerNet   : 192.168.11.0/255.255.255.0
 :     CA (ID)      : C=AT, S=xx, L=xx, O=xx, CN...
 :     PFS          : y
 :     Auto         : start
 :     Auth.Mode    : MD5
 :     Rekeying     : 3600S/50000K
 : Activating policy...
 : ---------------------------
 :
 : - Config on the server:
 :
 : config setup
 :     interfaces=%defaultroute
 :     klipsdebug=none
 :     plutodebug=all
 :     plutoload=%search
 :     plutostart=%search
 :     uniqueids=yes
 :
 : conn %default
 :     keyingtries=1
 :     compress=yes
 :     disablearrivalcheck=no
 :     authby=rsasig
 :     leftrsasigkey=%cert
 :     rightrsasigkey=%cert
 :
 : conn roadwarrior-net
 :     leftsubnet=192.168.11.0/24
 :     also=roadwarrior
 :
 : conn roadwarrior
 :     right=%any
 :     left=%defaultroute
 :     leftcert=gatewayKey.pem
 :     auto=add
 :     pfs=yes
 :
 : ------------
 :
 : I hope that you can help me
 : Regards,
 : David
 :
 : PS: I don't want to connect both routers, I want that only the single client
 : has access.
 :
 : _______________________________________________
 : LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
 : http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
 :

--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@xxxxxxxxxxxxxx