[vpn-help] Problem with ubuntu client - windows works

Alexander Eisenhuth ae at stacom-software.de
Tue Oct 25 14:43:19 CDT 2011 

Hello List,

I've a connecting (routing?) problem with my ubuntu 10.04 to a zywall. At the end i'll add the configuration. My local network is 192.168.1.0 (wlan) my remote network is 192.168.0.0. I've tried the hint in http://lists.shrew.net/mailman/htdig/vpn-help/2008-November/000950.html 

Any help welcome!

Alexander

Here the output of the client:
config loaded for site '<xxxx>.vpn'
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
remote id configured
pre-shared key configured
bringing up tunnel ...
network device configured
tunnel enabled

After I ping a address in the remote network the shrewsoft client shows one established "Security associations" in the network tab

Output of rout:
Kernel-IP-Routentabelle
Ziel Router Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 2 0 0 wlan0
192.168.0.0 192.168.0.33 255.255.255.0 UG 0 0 0 tap0
192.168.0.0 * 255.255.255.0 U 0 0 0 tap0
link-local * 255.255.0.0 U 1000 0 0 wlan0
default fritz.fonwlan.b 0.0.0.0 UG 0 0 0 wlan0

output of ifconfig:
tap0 Link encap:Ethernet Hardware Adresse 2a:b6:14:ce:f3:8f 
 inet Adresse:192.168.0.33 Bcast:192.168.0.255 Maske:255.255.255.0
 inet6-Adresse: fe80::28b6:14ff:fece:f38f/64 Gültigkeitsbereich:Verbindung
 UP BROADCAST RUNNING MTU:1380 Metrik:1
 RX packets:0 errors:0 dropped:0 overruns:0 frame:0
 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
 Kollisionen:0 Sendewarteschlangenlänge:500 
 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

wlan0 Link encap:Ethernet Hardware Adresse 00:0e:2e:d1:c5:36 
 inet Adresse:192.168.1.25 Bcast:192.168.1.255 Maske:255.255.255.0
 inet6-Adresse: fe80::20e:2eff:fed1:c536/64 Gültigkeitsbereich:Verbindung
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metrik:1
 RX packets:25617 errors:0 dropped:0 overruns:0 frame:0
 TX packets:16119 errors:0 dropped:0 overruns:0 carrier:0
 Kollisionen:0 Sendewarteschlangenlänge:1000 
 RX bytes:34169958 (34.1 MB) TX bytes:1739213 (1.7 MB)


clint configuration:
====================
n:version:2
n:network-ike-port:500
n:network-mtu-size:1380
n:client-addr-auto:0
n:network-natt-port:4500
n:network-natt-rate:15
n:network-frag-size:540
n:network-dpd-enable:1
n:client-banner-enable:0
n:network-notify-enable:1
n:client-wins-used:0
n:client-wins-auto:0
n:client-dns-used:0
n:client-dns-auto:0
n:client-splitdns-used:0
n:client-splitdns-auto:0
b:auth-mutual-psk:<XXXX>
n:phase1-dhgroup:2
n:phase1-life-secs:86400
n:phase1-life-kbytes:0
n:vendor-chkpt-enable:0
n:phase2-pfsgroup:-1
n:phase2-life-secs:3600
n:phase2-life-kbytes:0
s:policy-level:auto
n:policy-nailed:0
n:policy-list-auto:0
n:phase1-keylen:0
n:phase2-keylen:0
s:network-host:<XXXX>
s:client-auto-mode:disabled
s:client-iface:virtual
s:client-ip-addr:192.168.0.33
s:client-ip-mask:255.255.255.0
s:network-natt-mode:enable
s:network-frag-mode:enable
s:auth-method:mutual-psk-xauth
s:ident-client-type:fqdn
s:ident-client-data:<XXXX>
s:ident-server-type:address
s:phase1-exchange:aggressive
s:phase1-cipher:auto
s:phase1-hash:auto
s:phase2-transform:auto
s:phase2-hmac:auto
s:ipcomp-transform:disabled
s:policy-list-include:192.168.0.0 / 255.255.255.0

More information about the vpn-help mailing list