Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 3 subscribers
  • Views 1334 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DHCP and ASL

Dave Cook
Hi:
Thanks for all dhcp stuff.  I've got it running fine.  Has anyone done a Net-to-Net ASL setup with ASL DHCP box at one side and an ASL box fixed IP at the other?  If so, could you let me know how you setup the ASL on both sides.  VPN, Ports etc.
P.S. It works fine if I have static at both ends....
Dave Cook


This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to iMyWay
    Hi:
    I have that package loaded and working good.  I need to know the IPSEC configs at either end for ASL.  I understand if you use "ANY" to refer to the DHCP end that that should work but I can't get it to run....
    Any thoughts?
    D.C.
Children
  • 0 in reply to Dave Cook
    Hi:
    I have that package loaded and working good.  I need to know the IPSEC configs at either end for ASL.  I understand if you use "ANY" to refer to the DHCP end that that should work but I can't get it to run....
    Any thoughts?
    D.C.
  • 0 in reply to Dave Cook
    Did you have read this: http://docs.astaro.org/docs/vpn_howto.htm 
    maybe is your settings is not well,post detail and let someone to help you.
  • 0 in reply to iMyWay
    Hi Folks:
    Here are the details:

    192.168.1.0 -- DHCP -- 199.246.74.35 --10.10.10.0

    IPSEC ASL Left side:
    --------------------
    PFS: yes
    IKE: enabled
    Shared Key: xxxxxxxxxxxxxxxxxxxxxxx
    Local Interface: 24.114.240.66
    Local Subnet: 192.168.1.0
    Remote IP: 199.246.74.35
    Remote Subnet: 10.10.10.0

    IPSEC ASL Right Side:
    ---------------------
    PFS: yes
    IKE: enabled
    Shared Key: xxxxxxxxxxxxxxxxxxxxxxxx
    Local Interface: 199.246.74.35
    Local Subnet: 10.10.10.0
    Remote IP: Any   ANY  Allow
     ANY  Allow

    Filters: Right Side:
    --------------------
     ANY  Allow
     ANY  Allow

    For testing I've even opened everything.

    ANY  ANY  ANY   Allow 

    and still nothing.

    If I make one small change and alter DHCP and put a static in, it works perfect.

    Can I do a Net-to-Net config with one end being DHCP?  I checked out the VPN How-to's before.  These only outline Host-to-Net or Net-to-Net (Static either end).  

    I'm pretty sure Freeswan can do this.  

    Any ideas really appreciated.  I'm actually working at a customer site.

    Note: The DHCP side is an @HOME cable modem which I have working fine.

    regards, D.Cook  [:(]
Unfiltered HTML