LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Need IPCop to IpCop VPN assistance (https://www.linuxquestions.org/questions/linux-networking-3/need-ipcop-to-ipcop-vpn-assistance-363086/)

Freddde 09-13-2005 06:03 PM
Need IPCop to IpCop VPN assistance
 
Hi,

I have a problem getting an IPCop-to-IPCop VPN up and running. (2 x 1.4.6)
I suspect the problem is the RIGHT side of the VPN, as the IPCop (next hop) GW has a NAT address.

Can anyone please confirm that it IS possible to make a VPN running under these circumstances?

Please assist anyone!

Cheers,
Glenn







1) the left subnet and mask, (192.168.39.0/24)
2) the left interface address (real internet /30 subnet)
3) the left default gateway (real internet /30 subnet)
3b) Public IP on Left side
4) Internet transport
5) Public IP on Right side
5b) the right default gateway (a NAT address: 192.168.1.1)
6) the right interface address (192.168.1.20)
7) the right subnet and mask. (192.168.31.0/24)



.LEFT (Glenn)...............................................................RIGHT (Per)

..1............2...3.......3b.........4..........5.................5b...6.................7
..|...+------+...+------+...................+-------+-----+....+-------+.....|
..|...|.VPN..|...|.Gate...|...insecure.....|.Gate...|NAT.|.....|.VPN.....|.....|
..|--|.IP....|---|.way....|--- public.--- |.way...|.......|----|.IP......|---|
..|...|.Cop..|...|(ISP)....|...net-work....|.(ISP)..|.......|.....|.Cop....|....|
..|...+------+...+------+ ...................+------+-----+....+-------+....|
..|.............................................................................................|


The RIGHT ISP GW with NAT is set to forward all ports to the RED interface (6) address of the IPCop.
(I can currently SSH from left LAN to the RIGHT IPCop and vice verca)

==================================================
/var/ipcop/vpn/ipsec.conf on the LEFT IPCop:

conn GlennPer
left=81.186.22.191
leftnexthop=%defaultroute
leftsubnet=192.168.39.0/24
right=84.48.136.24
rightsubnet=192.168.31.0/24
rightnexthop=%defaultroute
dpddelay=30
dpdtimeout=120
dpdaction=hold
authby=secret
auto=start

==================================================

/var/ipcop/vpn/ipsec.conf on the RIGHT IPCop:

conn PerGlenn
right=192.168.1.20 (IS THIS THE PROBLEM (NO OFFICIAL IP??)
rightsubnet=192.168.31.0/24
rightnexthop=%defaultroute
left=81.186.22.191
leftsubnet=192.168.39.0/24
leftnexthop=%defaultroute
dpddelay=30
dpdtimeout=120
dpdaction=hold
authby=secret
auto=start

issinho 09-15-2005 02:28 PM
You're gonna hate me, but...
 
check out the IPCop documentation:

http://www.ipcop.org/modules.php?op=...pDocumentation


All times are GMT -5. The time now is 11:09 AM.