Topic: Freeswan

[John Snyder]

I Have tried installing freeswan.
The RPM installed with no error
But when i do the rpm -q freeswan it replys not istalled
But if i do a rpm -qa | grep freeswan i see it
When i go onto the server-manager it shows that its there but there is nothing in the public encption key its blank.
I getting way to fustrated and close to reinstalling becouse of this does any one have any susgestions please let me know.

[steve]

i followed this how-to and it worked fine
http://www.myezserver.com/docs/mitel/freeswan-howto.html
did you follow this how-to??
never heard of your type of prob b4
maybe u got a bad download or other freak error
if the box is fresh, i would re-install and follow the above how-to

-s

[John Snyder]

I tried the how to, it still did not work so i reinstalled sme and it worked but the one sme box installed sme 1.9 vesion and one installed 1.8 does this matter. it is up now but does not make the connection over the vpn, is there a log file to see what the error is. Does anybody have this fully working? the sme box is set up with a newer download of sme than the other has blue menus and the other has red is this the problem?

[steve]

I am not sure if the version differences matter.
Probably, keeping them all the same would make things simpler.
Also remember, apparently Freeswan will only work if you have static ip's on the external interface.
I set it up successfully with 2 boxes with static external IPs, but could not get it setup between one static and one dynamic.

-s

[John Snyder]

Has any one had any luck with Dynamic IP address this is most likely my problem. I did not know this was an issue. is there a work around i have stable IP address. It does not change but i have the same DHCP assigned address all the time does not change unless I shut the machine down for 12 hours or more and this never happens anyway.

[steve]

I have the same situation at home with my SME5.1.2 on my cable modem
my IP won't change unless I shutdown the server for more than 15 or 20 minutes.
I was unable to setup IPSEC VPN from home box-dhcp to work box-static.

If anyone out there knows how to setup Freeswan using dynamic external IPs
Please Help Us!!!

-s

[Justin]

Yes IPSec will work with Dynamic IP addresses. I have done it a couple of times now.

Justin.

[Nathan Price]

I have had similar issues with FreeSWAN and DHCP.   In my case ipsec.conf left the 'leftnexthop' and 'rightnexthop' fields blank whereas all the static machines had this field completed.  Look in /home/e-smith/configuration for a property called 'GatewayIP' if it is not there create it by:

/sbin/e-smith/config set GatewayIP x.x.x.x

then re-expand your ipsec.conf template

/sbin/e-smith/expand-template /etc/ipsec.conf

and then try FreeSWAN again.  This worked for me.

Anyone know why the GatewayIP field is missing on DHCP boxes?