This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Linux Roadwarrior - any HowTo available

Hi,

do you know a HowTo how to setup a Linux roadwarrior to connect to an Astaro Firewall? I want to setup one, but I didn't found any information which VPN solution should be used and how it must be configured (PKI is preferred, L2TP would be also ok).

Regards,
Michael Obster

This thread was automatically locked due to age.

Parents

0 praenti over 19 years ago

Ok. I have tried it already to setup such a configuration.
But now I have a BIG problem:

I'm always getting a
"D_VPN-Obster-intern_0"[3] 192.168.0.4 #8: cannot respond to IPsec SA request because no connection is known for 10.74.175.0/24===192.168.0.1[@praenti-dslgate.gotdns.org]...192.168.0.4[@gutmann.local.obster.org]
in the Astaro log.

Configuration Astaro:
-----------------------------------------
conn D_VPN-Obster-intern_0
        left="192.168.0.1"
        keyingtries="3"
        esp="aes128-md5"
        authby="rsasig"
        ikelifetime="7800"
        keyexchange="ike"
        leftrsasigkey="0sAQPEMKVKa..."
        pfs="no"
        leftsubnet="10.74.175.0/255.255.255.0"
        keylife="3600"
        rightid="@gutmann.local.obster.org"
        leftid="@praenti-dslgate.gotdns.org"
        rightupdown="/opt/_updown.strict_routing 2>/tmp/log 1>/tmp/log"
        right="0.0.0.0"
        auto="add"
        rightsubnet="vhost:%v4:10.74.175.3/32"
        leftupdown="/opt/_updown.strict_routing 2>/tmp/log 1>/tmp/log"
        compress="no"
        type="tunnel"
        ike="aes256-md5-modp1536"
        rightrsasigkey="0sAQO9ER9CowBDey..."

Configuration OpenSWAN on my Linux:
-------------------------------------------
conn D_VPN-Obster-intern_0
        left=%defaultroute
        leftid="@gutmann.local.obster.org"
        leftrsasigkey="0sAQO9ER9CowBDey..."
        right="192.168.0.1"
        rightsubnet="10.74.175.0/255.255.255.0"
        rightid="@praenti-dslgate.gotdns.org"
        rightrsasigkey="0sAQPEMKVKa..."
        auto=add

--------------------------------------------------------------------------------------------

Can anybody give me a hint what's wrong with my configuration?

Cheers,
Michael
Cancel
Vote Up 0 Vote Down

Cancel
0 KKnecht over 19 years ago in reply to praenti

...
leftsubnet="10.74.175.0/255.255.255.0"
rightsubnet="vhost:%v4:10.74.175.3/32"

Same range for two different subnets ??
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 KKnecht over 19 years ago in reply to praenti

...
leftsubnet="10.74.175.0/255.255.255.0"
rightsubnet="vhost:%v4:10.74.175.3/32"

Same range for two different subnets ??
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 praenti over 19 years ago in reply to KKnecht

I'm also wondering about that, but this was generated via the Webinterface of ASL. Btw. this config works with a NCP client on a Windows XP.

Can you tell me whats wrong then?
Cancel
Vote Up 0 Vote Down

Cancel