Do you see any SAD or SPD entries on the Diagnostics->IPSEC page on the monowall when you try connecting?

I am not 100% sure based on the information you gave, but I believe your subnet masks in your spdadd entries should be something other than /32, likely /24. A /32 only allows access to and from a single host.

Also check the racoon log file (typically /var/log/racoon) on your BSD box for clues; it usually will help diagnose where the problem is.

-Cory

-----Original Message-----
From: Uroš Gruber [mailto:uros dot gruber at vizija dot si]
Sent: Friday, September 16, 2005 12:24 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] IPSEC with FreeBSD

Hi!

I'm running 1.2b10 and I would like to get monowall and my remote server to communicate via IPSEC VPN. I set up IPSEC with preshared-key on monowall and followed the instructions from http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html but nothing is working. Can somebody give me some info about this?

What I did:

monowall has one remote address (A) and local address 10.255.255.252. Server has local address 192.168.0.1 and remote address (B).

I set up monowall from the documentation (IPSEC on WAN and local is LAN); remote gateway is set to address B. I also set it up to use preshared-key.

Then I created gif0 on my FreeBSD and created the tunnel as I said from the handbook. Then I installed racoon, created psk.txt and started racoon. I also set the IPSEC policy with two rules and started IPSEC.

spdadd B/32 A/32 ipencap -P out ipsec esp/tunnel/B-A/require;
spdadd A/32 B/32 ipencap -P in ipsec esp/tunnel/A-B/require;

But I can't see anything working. Did I miss something?

regards

Uros
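
Added example, not part of the original thread and not written by either poster: a small Python check that parses setkey-style spdadd lines and reports which packets their selectors cover, comparing the /32 gateway policies quoted above with the /24 form the reply suggests. The addresses standing in for A and B, the /24 LAN masks, and the function names are assumptions made for illustration.

```python
import ipaddress
import re

# setkey(8) policy line: spdadd SRC DST PROTO -P DIR ipsec esp/tunnel/GW-GW/LEVEL;
SPDADD = re.compile(
    r"spdadd\s+(?P<src>\S+)\s+(?P<dst>\S+)\s+(?P<proto>\S+)\s+-P\s+(?P<dir>in|out)"
    r"\s+ipsec\s+esp/tunnel/(?P<gw>[^/\s]+)/(?P<level>\w+)\s*;"
)

# Constructed stand-ins: A = 203.0.113.10 (m0n0wall WAN), B = 198.51.100.20 (server).
HOST_POLICIES = """
spdadd 198.51.100.20/32 203.0.113.10/32 ipencap -P out ipsec esp/tunnel/198.51.100.20-203.0.113.10/require;
spdadd 203.0.113.10/32 198.51.100.20/32 ipencap -P in ipsec esp/tunnel/203.0.113.10-198.51.100.20/require;
"""
# Assumed /24 LANs around the two local addresses given in the thread.
SUBNET_POLICIES = """
spdadd 192.168.0.0/24 10.255.255.0/24 any -P out ipsec esp/tunnel/198.51.100.20-203.0.113.10/require;
spdadd 10.255.255.0/24 192.168.0.0/24 any -P in ipsec esp/tunnel/203.0.113.10-198.51.100.20/require;
"""

def parse_policies(text):
    """Return each spdadd line as a dict with parsed source/destination networks."""
    return [
        {
            "src": ipaddress.ip_network(m["src"], strict=False),
            "dst": ipaddress.ip_network(m["dst"], strict=False),
            "proto": m["proto"],
            "dir": m["dir"],
            "tunnel": m["gw"],
        }
        for m in SPDADD.finditer(text)
    ]

def matching_policy(policies, src, dst, proto, direction):
    """Return the first policy whose selector covers this packet, else None."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for p in policies:
        if (p["dir"] == direction and src in p["src"] and dst in p["dst"]
                and p["proto"] in ("any", proto)):
            return p
    return None

def coverage(text):
    """Check LAN-to-LAN ICMP and gateway-to-gateway IP-in-IP against a policy set."""
    pol = parse_policies(text)
    return {
        "lan_ping": matching_policy(pol, "192.168.0.1", "10.255.255.252", "icmp", "out") is not None,
        "gif_encap": matching_policy(pol, "198.51.100.20", "203.0.113.10", "ipencap", "out") is not None,
    }

if __name__ == "__main__":
    print("host /32 selectors:", coverage(HOST_POLICIES))
    print("subnet /24 selectors:", coverage(SUBNET_POLICIES))
```

Packets that match no policy are not handed to IPsec at all, so comparing the selector coverage with the SPD entries shown on each end is a quick way to see whether both sides describe the same traffic.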