Re: [m0n0wall] VPN dosn't accept connections.

From:	Manuel Kasper <mk at neon1 dot net>
To:	Krzysztof Ostrowski <kostrowski at orix dot pl>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] VPN dosn't accept connections.
Date:	Fri, 21 Nov 2003 13:20:57 +0100

On 21.11.2003, at 13:09, Krzysztof Ostrowski wrote:

> I've setup VPN and it dosn't accept connections. In log is nothing, 
> olny
> starting raccon, nothing about accepting connections

Are you sure you understand how IPsec with dynamic keying works? racoon 
is the IKE daemon that handles the key exchange. It's the only userland 
program that plays a part of IPsec VPN - the rest is handled in the 
kernel.

> Active Internet connections (including servers)
> Proto Recv-Q Send-Q  Local Address          Foreign Address        
> (state)
> tcp4       0      0  *.443                  *.*                    
> LISTEN
> udp4       0      0  *.2862                 *.*
> udp4       0      0  192.168.15.1.500       *.*
> udp4       0      0  80.53.194.230.500      *.*
> udp4       0      0  127.0.0.1.500          *.*

There you go - racoon is obviously there, listening on UDP port 500 
(IKE).

> i'm trying connnect from another mono and from freebsd and it dosn't 
> work

You have to be more specific. Really. How did you configure the other 
m0n0wall (what about the config.xml content from both of them)? Also, 
note that the IPsec tunnel is only established when you actually try to 
reach the other network - not already when you hit the "Apply changes" 
button.

- Manuel