Office gateway:
# cat /etc/ipsec.conf
ike passive esp from 192.168.0.0/24 to any local egress dstid
[EMAIL PROTECTED] psk xxx
Home gateway:
# cat /etc/ipsec.conf
ike dynamic esp from egress to 192.168.0.0/24 peer OFFICE_GATEWAY srcid
[EMAIL PROTECTED] psk xxx
So, if on home gateway i specify
Markus Wernig wrote:
It's because of:
ike passive esp from 192.168.0.0/24 to any local egress dstid
[EMAIL PROTECTED] psk xxx
Yes, it's because of that. But I'm convinced that you don't need that at
all.
From what I understand, you just need to give access from some remote
network(s) to your o
On 01.03-00:39, Alexey Vatchenko wrote:
[ ... ]
> No, i don't use same network address for two networks.
then you need to alter you settings to specify the actual networks
that you're using.
for example, you could define the remote network to be
192.168.123.123/32 and then route everything for 19
Alexey Vatchenko wrote:
It's because of:
ike passive esp from 192.168.0.0/24 to any local egress dstid
[EMAIL PROTECTED] psk xxx
Yes, it's because of that. But I'm convinced that you don't need that at
all.
From what I understand, you just need to give access from some remote
network(s) to you
Hi!
Thanks for reply!
Markus Wernig wrote:
From my point of view the problem is that you use the same network
range 192.168.0/24 in your home and office. Off the top of my head I'd
say that this should not work. The routing entries look a bit scary,
actually. If I had the same setup, I'd tr
Hi
From my point of view the problem is that you use the same network
range 192.168.0/24 in your home and office. Off the top of my head I'd
say that this should not work. The routing entries look a bit scary,
actually. If I had the same setup, I'd try one of the following:
- change the home
Hi!
Jeff Quast wrote:
you need to declare a bypass flow on the side of the network where the router,
presumably on 192.168.0.0/24 requires communication to the local network
segment also on 192.168.0.0/24. It is probobly trying to send this across the
tunneled wire, which won't reach its dest
Jeff Quast wrote:
you need to declare a bypass flow on the side of the network where the router,
presumably on 192.168.0.0/24 requires communication to the local network
segment also on 192.168.0.0/24. It is probobly trying to send this across the
tunneled wire, which won't reach its destinati
On Sat, Feb 23, 2008 at 05:47:18PM +0200, Alexey Vatchenko wrote:
> Hi guys!
>
> I'm trying to configure IPSec tunnel between home gateway and office
> gateway. Home gateway has dynamic IP, office gateway has static IP.
>
> The problem is when home gateway establishes IPSec tunnel with office
>
Hi
What does the ipsec.conf entry on the Office gateway for the Home
gateway look like?
IP range of Home network?
Are you trying to use the Home gateway as a relay to get into the Office
net from other locations than from Home network?
Do you have any NAT rules involved?
"ipsecctl -s all" on
10 matches
Mail list logo
