OK I'm getting there.
I found an article on how to manually configure OpenVPN for a SonicWall
See
http://wiki.openswan.org/index.php/Openswan/SonicWall
However, I keep getting error 021, connection not found
No matter what I do in the config file, there is no difference in output to
/var/log/messages so I'm thinking that there may be a prerequisite not
correct:
ipsec --verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.4.6/K2.6.18.8-0.1-default (netkey)
Checking for IPsec support in kernel [OK]
NETKEY detected, testing for disabled ICMP send_redirects [FAILED]
Please disable /proc/sys/net/ipv4/conf/*/send_redirects
or NETKEY will cause the sending of bogus ICMP redirects!
NETKEY detected, testing for disabled ICMP accept_redirects [FAILED]
Please disable /proc/sys/net/ipv4/conf/*/accept_redirects
or NETKEY will accept bogus ICMP redirects!
Checking for RSA private key (/etc/ipsec.secrets) [DISABLED]
ipsec showhostkey: no default key in "/etc/ipsec.secrets"
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding [FAILED]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption DNS checks:
Looking for TXT in forward dns zone: LAB1 [MISSING]
Does the machine have at least one non-private address? [FAILED]
How do I disable accept_redirects, or is that not necessary?
The file is empty.
(I initially had debug levels in default but removed them to see if that made any difference)
ipsec.conf
Code:
version 2
conn sonicwall
type=tunnel
left=PC_IP
leftsubnet=SUBNET/24
leftnexthop=LAN_GATEWAY_IP
right=(SW_WAN_IP)
rightnexthop=SW_IP
rightsubnet=SW_SUBNET/24
rightid=(SW_WAN_IP)
keyingtries=0
pfs=no
auto=add
auth=esp
esp=3des-sha1
ike=3des-sha1
keyexchange=ike
authby=secret
xauth=yes
ipsec.secrets
SW_IP PC_IP : PSK "MySecret"
ipsec whack --name sonicwall --initiate
ipsec auto --up sonicwall
both give 021 no connection named "sonicwall"
I look forward to any reply.
Thanks,
Marinus.