Hi, Matthew<br><br> I'm testing the beta release 2.0. I've been able con connect to a racoon server, configured like this:<br><br>------------------------------------------------------------------------------------------
<br>remote xxx.yyy.zzz.aaa {<br> exchange_mode main;<br> my_identifier address "bbb.ccc.ddd.xxx";<br> proposal_check strict;<br> lifetime time 24 hour;<br><br> nat_traversal on;<br> ike_frag on;
<br> dpd_delay 30;<br><br> proposal {<br> encryption_algorithm 3des;<br> hash_algorithm md5;<br> authentication_method pre_shared_key;<br> dh_group 2;<br> }<br>}<br>
mode_cfg {<br> pool_size 254;<br> network4 <a href="http://192.168.1.11">192.168.1.11</a>;<br> netmask4 <a href="http://255.255.255.0">255.255.255.0</a>;<br> auth_source system;<br> dns4 <a href="http://192.168.0.2">
192.168.0.2</a>;<br>}<br>sainfo anonymous {<br> lifetime time 8 hour;<br> encryption_algorithm 3des;<br> authentication_algorithm hmac_md5;<br> compression_algorithm deflate;<br>}<br>------------------------------------------------------------------------------------------
<br clear="all"><br> I'm connecting from a windows 2000 machine, connected through a linux firewall (ports UDP/500 and UDP/4500 are permitted). The destination firewall have the appropriate ports open too (that may seems quite obvious, but I stated it anyway).
<br> The problem I'm facing now is that I can't contact any machine in the destination network (<a href="http://192.168.0.0/24">192.168.0.0/24</a>), and I'm losing local internet connection when I connect to the racoon server.
<br> My local ethernet address is <a href="http://192.168.1.10">192.168.1.10</a>, and the vnet device is getting <a href="http://192.168.1.11">192.168.1.11</a> (through mode_cfg), but the default gateway ends configured as
<a href="http://192.168.1.11">192.168.1.11</a> for that device when I connect, so my machine disconnect from the rest of the world while the tunnel is up, so as you may imagine, is very difficult to debug the connection with a sniffer in the other side. What I really want is to connect to the other network without losing my actual connection. I'm not sure if configuring a specific sainfo will help me fix this issue or even if this is possible, so I'm open to any suggestions.
<br> As an aditional goodie to all this issue, when I connect to the other network, I can't ping any other machine, but I'm not sure if I need to do something else in the other side. I suspect my setup is not well configured, as I only have configured net-to-net vpn before and this is not what I'm used to.
<br> I'm pretty sure that this is a mistake from my part, but I don't seem to understand exactly how this connection works in the first place... <br> What test should I perform in the client side to ensure the problem is not related to my local setup?
<br> What configuration changes may help me in the racoon side?<br><br> Thank you in advance, and keep up with this excellent work!<br><br>-- <br>Saludos,<br> Gustavo Castro Puig.<br> E-Mail: <a href="mailto:gcastrop@gmail.com">
gcastrop@gmail.com</a><br> <br>LPI Level-1 Certified (<a href="https://www.lpi.org/es/verify.html">https://www.lpi.org/es/verify.html</a><br>LPID:LPI000042304 Verification Code: hp6re8w5qg ) <br>-----BEGIN GEEK CODE BLOCK-----
<br>Version: 3.12<br>GCS/CM/IT/ED dx s-:- a? C(+++)$ UL++++*$ P+ L++++(++)$ E--- W+++$ N+ o?<br>K- w O M V-- PS PE++(-) Y-(+) PGP+ t(++) 5+ X++ R tv+ b++(++++) DI+++<br>D++ G++ e++ h--- r y+++<br>------END GEEK CODE BLOCK------
<br>Registered Linux User #69342<br>