Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: John Snyder on March 16, 2002, 05:18:36 AM

Title: Freeswan
Post by: John Snyder on March 16, 2002, 05:18:36 AM

I Have tried installing freeswan.
The RPM installed with no error
But when i do the rpm -q freeswan it replys not istalled
But if i do a rpm -qa | grep freeswan i see it
When i go onto the server-manager it shows that its there but there is nothing in the public encption key its blank.
I getting way to fustrated and close to reinstalling becouse of this does any one have any susgestions please let me know.

Title: Re: Freeswan
Post by: steve on March 16, 2002, 11:31:00 AM

i followed this how-to and it worked fine
http://www.myezserver.com/docs/mitel/freeswan-howto.html
did you follow this how-to??
never heard of your type of prob b4
maybe u got a bad download or other freak error
if the box is fresh, i would re-install and follow the above how-to

-s

Title: Re: Freeswan
Post by: John Snyder on March 18, 2002, 05:03:20 PM

I tried the how to, it still did not work so i reinstalled sme and it worked but the one sme box installed sme 1.9 vesion and one installed 1.8 does this matter. it is up now but does not make the connection over the vpn, is there a log file to see what the error is. Does anybody have this fully working? the sme box is set up with a newer download of sme than the other has blue menus and the other has red is this the problem?

Title: Re: Freeswan
Post by: steve on March 18, 2002, 10:42:09 PM

I am not sure if the version differences matter.
Probably, keeping them all the same would make things simpler.
Also remember, apparently Freeswan will only work if you have static ip's on the external interface.
I set it up successfully with 2 boxes with static external IPs, but could not get it setup between one static and one dynamic.

-s

Title: Re: Freeswan
Post by: John Snyder on March 18, 2002, 10:59:01 PM

Has any one had any luck with Dynamic IP address this is most likely my problem. I did not know this was an issue. is there a work around i have stable IP address. It does not change but i have the same DHCP assigned address all the time does not change unless I shut the machine down for 12 hours or more and this never happens anyway.

Title: Re: Freeswan
Post by: steve on March 19, 2002, 01:26:17 AM

I have the same situation at home with my SME5.1.2 on my cable modem
my IP won't change unless I shutdown the server for more than 15 or 20 minutes.
I was unable to setup IPSEC VPN from home box-dhcp to work box-static.

If anyone out there knows how to setup Freeswan using dynamic external IPs
Please Help Us!!!

-s

Title: Re: Freeswan
Post by: Justin on March 20, 2002, 03:07:01 AM

Yes IPSec will work with Dynamic IP addresses. I have done it a couple of times now.

Justin.

Title: Re: Freeswan
Post by: Nathan Price on October 09, 2002, 12:28:08 AM

I have had similar issues with FreeSWAN and DHCP.   In my case ipsec.conf left the 'leftnexthop' and 'rightnexthop' fields blank whereas all the static machines had this field completed.  Look in /home/e-smith/configuration for a property called 'GatewayIP' if it is not there create it by:

/sbin/e-smith/config set GatewayIP x.x.x.x

then re-expand your ipsec.conf template

/sbin/e-smith/expand-template /etc/ipsec.conf

and then try FreeSWAN again.  This worked for me.

Anyone know why the GatewayIP field is missing on DHCP boxes?