[Ilugc] IPSEC Connection between Gateway Firewalls

~adarsh~ vpadarsh at gmail.com
Wed Jun 28 14:15:35 IST 2006


On 6/28/06, Binand Sethumadhavan <binand at gmail.com> wrote:
> On 28/06/06, ~adarsh~ <vpadarsh at gmail.com> wrote:
> > Jun 29 10:27:06 firewalldxb pluto[30734]: "firewallother.test.com-vpn"
> > #3: sent MR3, ISAKMP SA established
>
> > Jun 29 10:27:07 firewalldxb pluto[30734]: "firewallother.test.com-vpn"
> > #4: IPsec SA established {ESP=>0x4fcbbcdf <0x200aaf8a
> > IPCOMP=>0x00003dd8 <0x000069e1}
>
> These two together say that your VPN tunnel is up (P1 - ISAKMP and P2
> - IPSec SAs are established). So now it is only a matter of tunneling
> traffic over the VPN interface (what does "ip link show" say at the
> end of this?)
>
> Binand
>
it says
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:03:99:88:ec:dc brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:02:a5:b1:45:33 brd ff:ff:ff:ff:ff:ff
4: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:03:99:88:ec:dc brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:02:a5:b1:45:33 brd ff:ff:ff:ff:ff:ff
4: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0


-- 
Adarsh


More information about the ilugc mailing list