CORRECTED: Can't Connect A Simple IPSec VPN

From:	ejask at aim dot com
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	CORRECTED: Can't Connect A Simple IPSec VPN
Date:	Wed, 27 Jul 2005 14:28:26 -0400
My last post had some errors in the ip addresses. Here is the corrected 
 
 
I am having trouble connecting two monowall firewalls thru a IPSec vpn tunnel. I 
want to create a network between 4 computers located at two different sites. 
There are only 2 computers located at each site and all have static ip 
addresses. The monowall wan addressess uses a dhcp server to obtain an ip, but 
it obtains the same ip address ever time. 

Here are my lan setups

Computer 1: 192.168.100.101     Computer 2: 192.168.100.102
            \                                                   /
             -------\                            /-------
                        ------\         /------
                        Monowall A Lan: 192.168.100.100
                        Monowall A Wan: 10.172.1.235
                                       |
                                  Internet
                                       |
                        Monowall B Wan: 12.147.205.62
                         Monowall B Lan: 192.168.200.100
                        ------/         \------
             -------/                            \-------
            /                                                   \
Computer 1: 192.168.200.101     Computer 2: 192.168.200.102

Here are the configurations I used in the VPN: IPsec: Edit Tunnel Screen

Monowall A: Interface: WAN
                 Local Subnet: LAN Subnet
                 Remote Subnet: 192.168.200.0/24
                 Remote Gateway: 12.147.205.62
   Phase 1
                 Negotiation Mode: Aggresive
                 My Identifier: My IP Address
                 Encryption Algorithm: 3DES
                 Hash Algorithm: SHA1
                 DH Key Group: 2
                 Authentification Method: Pre-shared key
                 Pre-Shared Key:  "Same Key on Both"
   Phase 2        
                 Protocol: ESP
                 Encryption Algorithms: 3DES
                 Hash Algorithms: SHA1
                 PFS Key Group: off


Monowall B Interface: WAN
                 Local Subnet: LAN Subnet
                 Remote Subnet: 192.168.100.0/24
                 Remote Gateway: 10.172.1.235
   Phase 1
                 Negotiation Mode: Aggresive
                 My Identifier: My IP Address
                 Encryption Algorithm: 3DES
                 Hash Algorithm: SHA1
                 DH Key Group: 2
                 Authentification Method: Pre-shared key
                 Pre-Shared Key:  "Same Key on Both"
   Phase 2        
                 Protocol: ESP
                 Encryption Algorithms: 3DES
                 Hash Algorithms: SHA1
                 PFS Key Group: off
   
For some reason, I can not get the two to connect to each other and Computer 1 
in LAN A can not ping either computer in LAN B and vise versa. 

Any Suggestions?

Thanks,

Eric Jaskula
________________________________________________________________________
Check Out the new free AIM(R) Mail -- 2 GB of storage and industry-leading spam and email virus
protection.

Get your own free AIM(R) Mail account and become eligible to win daily prizes, ending July 30, 2005.
One lucky grand prize winner will even drive away with a 2005 MINI(R) Cooper S.
http://cdn.channel.aol.com/aimmail/aim_mail.html?mail_footer