On 2007/07/31 14:55, sonjaya wrote:
> hi all
> 
> i try follow this tutorial :
> http://openbsd.org/papers/asiabsdcon07-ipsec/mgp00065.html
> 
> what i want ask :
> 1. what mean egress  ?
> 2. why user [EMAIL PROTECTED] ( this user or name host) ?
> 3.  when i try  parse in laptop get error ( config error), where is wrong ?
> 4.  here my net plan
> 
> (b_lan)---vpn-client--adsl---internet--vpn-gw---(a_lan)
> 
> 
> --snip --
> my laptop
> # cat /etc/ipsec.conf
> vpn_gw="ip-public-vpn-gw"
> a_lan="192.168.0.0/24"
> b_lan="192.168.2.0/24"
> 
> ike esp from egress to $a_lan peer $vpn_gw \
>     srcid [EMAIL PROTECTED] dstid  $vpn_gw
> 
> my vpn -gw
> 
> # cat /etc/ipsec.conf
> gw_vpn="my-ip-public-vpn-gw"
> a_lan="192.168.0.0/24"
> b_lan="192.168.2.0/24"
> 
> ike dynamic esp from $a_lan to any srcid $gw_vpn
> 
> here log mesage
> Jul 31 14:53:49 secure isakmpd[28167]: udp_create: no address
> configured for "peer-default"
> Jul 31 14:53:49 secure isakmpd[28167]: exchange_establish: transport
> "udp" for peer "peer-default" could not be created


Wrong way round. The laptop should be "dynamic", the gateway
should not.

Reply via email to