ipsec retransminnion
Anton Caniga
Caniga na bentel.sk
Středa Únor 25 14:20:02 CET 2004
Dobry den,
na masine mam kernel 2.4.22 s patchom super-freeswan-1.99.8 v konfiguracom
subore ipsec.conf mam toto:
config setup
interfaces="ipsec0=eth0"
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
conn test
left=a1.b1.c1.d1
leftsubnet=e1.f1.g1.h1/24
leftnexthop=i1.j1.k1.l1
right=a2.b2.c2.d2
rightsubnet=e2.f2.g2.h2/24
rightnexthop=i2.j2.k2.l2
auth=ah
auto=start
kde je
eth0 verjene rozhranie pre danu gateway,
a1.b1.c1.d1 lava gateway,
e1.f1.g1.h1/24 specifikacia adresy pre privatny subnet,
i1.j1.k1.l1 lavy prvy router
to iste palti aj pre opacnu stranu.
V ipsec.secrets ma toto:
a1.b1.c1.d1 a2.b2.c2.d2 "0xd7..."
Pri spusteni tunelu mi do logu napise toto:
ipsec_setup: ...FreeS/WAN IPsec started
ipsec__plutorun: 104 "test" #1: STATE_MAIN_I1: initiate
ipsec__plutorun: 010 "test" #1: STATE_MAIN_I1: retransmission; will wait 20s
for response
ipsec__plutorun: 010 "test" #1: STATE_MAIN_I1: retransmission; will wait 40s
for response
ipsec__plutorun: 031 "test" #1: max number of retransmissions (2) reached
STATE_MAIN_I1. No acceptable response to our first IKE message
ipsec__plutorun: 000 "test" #1: starting keying attempt 2 of at most 3, but
releasing whack
ipsec__plutorun: ...could not start conn "test"
,ale interfaces ipsec0 mi vytvori.
Takto vyzera vypis ipsec look:
019216800100024:0:192.168.2.0/24:0 -> 192.168.1.0/24:0 => %trap:0 (0)
ipsec0->eth0 mtu=16260(1500)->1500
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 195.46.61.1 255.255.255.0 UG 0 0 0
ipsec0
195.46.61.0 0.0.0.0 255.255.255.0 U 0 0 0
ipsec0
Neviete mi poradit v com je problem.Ozaj a este jeden maly dotaz interfaces
ipsec0 a eth0 su uplne totozna je to normalne alebo som spravil niekde chybu.
Velmi pekne dakujem vsetkym za ochotu.
Další informace o konferenci Linux