Problem with PGPNet and IPSec.
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Problem with PGPNet and IPSec.
- From: Alexander Funcke <funcke_(_at_)_daemon_(_dot_)_se>
- Date: Wed, 25 Oct 2000 00:30:52 +0200 (CEST)
I'm building a VPN gateway on OpenBSD, that is going to serve clients
running PGPNet (7.0 on win2k) with dynamic IPs (i.e. laptops).
The net looks more or less like this:
|        | OUT  |               | INSIDE
| Laptop |------|   FIREWALL    |-------+
|________|      |_______________|       |
 __________             |               |
|          | DMZ        |               |
| IPSec-gw |------------+               |
|          |                            |
  \______________________| Internal LAN |
I've been able to connect to the IPsec gw from the laptop establishing
both IKE and IPSec. But when I try to communicate let's say with the
address on the inside of the ipsec-gw (or anywhere else beyond that
point) the traffic is sent to the IPsec-gw in esp packets (lovely!) BUT,
when it answers, it starts screaming in e.g. TCP that'll get blocked at
I don't believe that it's the routing tables' fault, because the non-esp
packets are sent via the DMZ address on ipsec-gw and not the inside.
My isakmpd.conf looks something like this:
Listen-on= IP on the outside of IPSec-gw
Local-address= IP on the outside of IPSec-gw
Authentication= A beautiful and clever password
Am I missing something obvious or am I just good ol'... stupid?
| Alexander Funcke <zd^>
| Phone: +46-736-500182 "I'm Idle, therefore I am"