OpenSwan net-to-net VPN (IPCop 1.4.10)
Hi
I am trying to build a network of IPCop 1.4.10 to encrypt my wireless building to building networks. So I want to use the IPCops for net-to-net VPN, and the RED network is all mine! :) That means all the RED networks are in the same network segment (e.g. 193.90.220.0/24), but there are different networks on all GREEN sides.

I have tried following some step-by-step guides but still can't seem to make it work. In the VPN-tab of IPCop the connection stays Closed. Does anybody have a clue why this could happen?

Network setup example:

    ipcop1                                      ipcop2
    GREEN          RED                 RED              GREEN
    10.100.30.5 -- 193.90.220.1 --WLAN--- 193.90.220.20 -- 10.100.31.1
    (10.100.30.0/24 -------- 193.90.220.0/24 ----------- 10.100.31.0/24)

On ipcop1 are the following settings:

    conn: ipcop-vpn
    left: 193.90.220.1
    left subnet: 10.100.30.0/255.255.255.0
    right: 193.90.220.20
    right subnet: 10.100.31.0/255.255.255.0
    authby: secret

On ipcop2 are the following settings:

    conn: ipcop-vpn
    left: 193.90.220.20
    left subnet: 10.100.31.0/255.255.255.0
    right: 193.90.220.1
    right subnet: 10.100.30.0/255.255.255.0
    authby: secret

Authentication is set to Pre-Shared Key (Yes, I will use certs, I just want to make it work first).

As I have already said, the VPN tunnel won't start; its status is CLOSED. I recognize that the ipsec interface on ipcop1 is using eth0 (GREEN interface). Is this correct?

From log:

    11:26:32 pluto[2720] | found eth0 with address 192.168.30.1
    11:26:32 pluto[2720] | found eth1 with address 192.168.90.1
    11:26:32 pluto[2720] | found ipsec0 with address 192.168.30.1
    11:26:32 pluto[2720] | IP interface eth1 192.168.90.1 has no matching ipsec* interface -- ignored
    11:26:32 pluto[2720] adding interface ipsec0/eth0 192.168.30.1
    11:26:32 pluto[2720] adding interface ipsec0/eth0 192.168.30.1:4500

According to what I know this means ipcop1 is expecting incoming VPN connections on the GREEN interface, or am I wrong?

The other server, ipcop2, keeps telling me the following in the log:

    "ipcop-vpn" #2: ERROR: asynchronous network error report on eth1 for message to 192.168.90.1 port 500, complainant 192.168.90.1: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]

Anyone got a possible solution?

Best regards
-:Rune:-
hi,
I am trying to build a network of IPCop 1.4.15, so I want to use the IPCops for net-to-net VPN. That means all the RED networks are in the same network segment (e.g. 10.0.0.20/21), but there are different networks on all GREEN sides (e.g. 192.168.1.20/192.168.102.21).

I have tried following some step-by-step guides but still can't seem to make it work. In the VPN-tab of IPCop the connection stays Closed.

Network setup example:

    ipcop1                                  ipcop2
    GREEN           RED                 RED          GREEN
    192.168.1.20 -- 10.0.0.20 --internet--- 10.0.0.21 -- 192.168.102.21

On ipcop1 are the following settings:

    name: ipcop1
    side: left
    ip:10.0.0.20
    local subnet: 192.168.1.0/255.255.255.0
    remote ip:192.168.102.21
    remote subnet:192.168.102.0/255.255.255.0

On ipcop2 are the following settings:

    name:ipcop2
    side:rigt
    ip:10.0.0.21
    local subnet: 192.168.102.0/255.255.255.0
    remote ip:192.168.1.20
    remote subnet:192.168.1.0/255.255.255.0

Authentication is set to certificate.

As I have already said, the VPN tunnel won't start; its status is CLOSED. Please, can somebody help me? I appreciate it....