Have trouble setting up an ip route
Hi,
I am trying to set up an IPsec VPN tunnel using Openswan on CentOS. But I cannot get it up. Here is my ipsec.conf file:
config setup
    plutodebug=all
    plutostderrlog=/var/log/pluto.log
    protostack=netkey
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    ## disable opportunistic encryption in Red Hat ##
    oe=off

conn A-B
    authby=secret
    auto=start
    ike=aes256-sha1;modp1024
    keyexchange=ike
    phase2alg=aes256-sha1;modp1024
    ikelifetime=24h
    keylife=1h
    #compress=no
    pfs=yes
    type=tunnel
    aggrmode=yes
    left=%defaultroute
    leftsubnet=<my-private-subnet>
    leftnexthop=%defaultroute
    right=<public-ip-of-remote-gateway>
    rightsubnet=<remote-subnet>
Is there anything in this config which needs to be different? Or do I need to modify my iptables? My iptables have rules for accepting connections on udp-500, tcp-4500 and udp-4500.
Also, when I run the command "ip route", I don't see a route between the remote server and my gateway.
Thank You.
Last edited by pklinux; 02-14-2017 at 02:40 PM.