On 2007/07/31 14:55, sonjaya wrote: > hi all > > i try follow this tutorial : > http://openbsd.org/papers/asiabsdcon07-ipsec/mgp00065.html > > what i want ask : > 1. what mean egress ? > 2. why user [EMAIL PROTECTED] ( this user or name host) ? > 3. when i try parse in laptop get error ( config error), where is wrong ? > 4. here my net plan > > (b_lan)---vpn-client--adsl---internet--vpn-gw---(a_lan) > > > --snip -- > my laptop > # cat /etc/ipsec.conf > vpn_gw="ip-public-vpn-gw" > a_lan="192.168.0.0/24" > b_lan="192.168.2.0/24" > > ike esp from egress to $a_lan peer $vpn_gw \ > srcid [EMAIL PROTECTED] dstid $vpn_gw > > my vpn -gw > > # cat /etc/ipsec.conf > gw_vpn="my-ip-public-vpn-gw" > a_lan="192.168.0.0/24" > b_lan="192.168.2.0/24" > > ike dynamic esp from $a_lan to any srcid $gw_vpn > > here log mesage > Jul 31 14:53:49 secure isakmpd[28167]: udp_create: no address > configured for "peer-default" > Jul 31 14:53:49 secure isakmpd[28167]: exchange_establish: transport > "udp" for peer "peer-default" could not be created
Wrong way round. The laptop should be "dynamic", the gateway should not.