LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 04-21-2006, 05:18 AM   #1
millerjord
LQ Newbie
 
Registered: Apr 2006
Posts: 1

Rep: Reputation: 0
OpenSwan net-to-net VPN (IPCop 1.4.10)


Hi

I am trying to build a network of IPCop 1.4.10 to encrypt my wireless building to building networks.

So I want to use the IPCops for net-to-net VPN, and the RED network is all mine!

That means all the RED networks are in the same network segment (e.g. 193.90.220.0/24), but there are different networks on all GREEN sides.

I have tried following some step-by-step guides but still can't seem to make it work. In the VPN-tab of IPCop the connection keeps Closed.

Does anybody have a clue why this could happen?

Network setup example:
ipcop1 ipcop2
GREEN RED RED GREEN
10.100.30.5 -- 193.90.220.1 --WLAN--- 193.90.220.20 -- 10.100.31.1
(10.100.30.0/24 -------- 193.90.220.0/24 ----------- 10.100.31.0/24)


On ipcop1 are the following settings:
conn: ipcop-vpn
left: 193.90.220.1
left subnet: 10.100.30.0/255.255.255.0
right: 193.90.220.20
right subnet: 10.100.31.0/255.255.255.0
authby: secret

On ipcop2 are the following settings:
conn: ipcop-vpn
left: 193.90.220.20
left subnet: 10.100.31.0/255.255.255.0
right: 193.90.220.1
right subnet: 10.100.30.0/255.255.255.0
authby: secret

Authentication are set to Pre-Shared Key (Yes, I will use certs, I just want to make it work first)

As I have already said the VPN tunnel won't start, it's status is CLOSED.

I recognize that the ipsec interface on ipcop1 is using eth0(GREEN interface). Is this correct?

From log:
11:26:32 pluto[2720] | found eth0 with address 192.168.30.1
11:26:32 pluto[2720] | found eth1 with address 192.168.90.1
11:26:32 pluto[2720] | found ipsec0 with address 192.168.30.1
11:26:32 pluto[2720] | IP interface eth1 192.168.90.1 has no matching ipsec* interface -- ignored
11:26:32 pluto[2720] adding interface ipsec0/eth0 192.168.30.1
11:26:32 pluto[2720] adding interface ipsec0/eth0 192.168.30.1:4500

According to what I know this means ipcop1 is expecting incoming VPN connections on GREEN interface, or am I wrong?

The other server, ipcop2, keeps telling me the following in the log:

"ipcop-vpn" #2: ERROR: asynchronous network error report on eth1 for message to 192.168.90.1 port 500, complainant 192.168.90.1: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]

Anyone got a possible solution?

Best regards


-:Rune:-
 
Old 05-11-2007, 06:42 AM   #2
isaias
LQ Newbie
 
Registered: May 2007
Posts: 1

Rep: Reputation: 0
hi,

I am trying to build a network of IPCop 1.4.15, so I want to use the IPCops for net-to-net VPN.

That means all the RED networks are in the same network segment (e.g. 10.0.0.20/21), but there are different networks on all GREEN sides (e.g. 192.168.1.20/192.168.102.21).

I have tried following some step-by-step guides but still can't seem to make it work. In the VPN-tab of IPCop the connection keeps Closed.

Network setup example:
ipcop1 ipcop2
GREEN RED RED GREEN
192.168.1.20 -- 10.0.0.20 --internet--- 10.0.0.21 -- 192.168.102.21

On ipcop1 are the following settings:
name: ipcop1
side: left
ip:10.0.0.20
local subnet: 192.168.1.0/255.255.255.0
remote ip:192.168.102.21
remote subnet:192.168.102.0/255.255.255.0

on ipcop2 are the following settings:
name:ipcop2
side:rigt
ip:10.0.0.21
local subnet: 192.168.102.0/255.255.255.0
remote ip:192.168.1.20
remote subnet:192.168.1.0/255.255.255.0

Authentication are set to certificate. As I have already said the VPN tunnel won't start, it's status is CLOSED.

please somebody can help me? I apreciate....

Last edited by isaias; 05-24-2007 at 12:03 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to Setup a Net to Host VPN in Ipcop Rustylinux Linux - Networking 0 04-02-2006 11:40 PM
Setting up Net to Host with IPcop Rustylinux Linux - General 0 04-02-2006 03:09 PM
samba over the net? VPN? realized Linux - Networking 4 10-11-2004 12:47 PM
VPN Internal net question DeadEcho5 Linux - Security 1 05-20-2004 06:00 PM
FreesWan vpn and net masq over ADSL PcHammer Linux - Networking 0 06-02-2003 02:12 AM


All times are GMT -5. The time now is 08:15 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration