[Vpn-help] vpn-release-1.1 communicate with racoon problem
Matthew Grooms
mgrooms at shrew.net
Wed Nov 22 13:26:06 CST 2006
Zhao,
Thanks for trying out the VPN Client. If you see esp packets being
emitted from the client ( passing both phase1 and phase2 ), it is very
likely close to working.
To start, it would be a good idea to reconfigure your client address
range to start with .1 instead of .0 as this can cause problems. I will
see if I can sneak in an ipsec-tools fix to prevent this from happening
before we branch for 0.7.
For example ...
mode_cfg {
pool_size 253;
network4 192.168.1.1;
netmask4 255.255.255.0;
dns4 192.168.20.1;
auth_source system;
}
Also, does your debian gateway have selinux or a firewall like iptables
installed? As for the certificate verification not working, could you
run racoon with the -d option and forward me the relevant debug output
regarding this issue.
Thanks,
-Matthew
More information about the vpn-help
mailing list