I am setting up a VPN between two m0n0wall boxes using IPsec. On one end I have a modem configured in bridge mode (it gives me a dynamic IP); on the other end I have a static public IP. The m0n0wall version is 1.3b18.
The m0n0wall on the ADSL side configures the WAN interface with PPPoE and is already assigned the modem's IP.
On the Internet I can already see both m0n0walls.
Phase 1
Negotiation mode: aggressive
My identifier: IP address
Encryption algorithm: 3DES
Hash algorithm: MD5
DH key group: 1
Lifetime: 3600
Authentication method: pre-shared key
Phase 2
Protocol: ESP
Encryption algorithm: 3DES
Hash algorithm: MD5
PFS key group: off
Lifetime: 86400
In Diagnostics, under IPsec SPD, the 2 entries are generated, but nothing is generated in SAD,
and in the log I only have this on the m0n0wall with the static IP:
Sep 23 23:46:26 racoon: ERROR: such policy already exists. anyway replace it: 192.168.10.68/32[0] 10.0.1.0/24[0] proto=any dir=out
Sep 23 23:46:26 racoon: ERROR: such policy already exists. anyway replace it: 192.168.10.68/32[0] 192.168.10.0/24[0] proto=any dir=out
Sep 23 23:46:26 racoon: ERROR: such policy already exists. anyway replace it: 10.0.1.0/24[0] 192.168.10.68/32[0] proto=any dir=in
Sep 23 23:46:26 racoon: ERROR: such policy already exists. anyway replace it: 192.168.10.0/24[0] 192.168.10.68/32[0] proto=any dir=in
Sep 23 23:46:26 racoon: INFO: 192.168.10.68[500] used for NAT-T
Sep 23 23:46:26 racoon: INFO: 192.168.10.68[500] used as isakmp port (fd=10)
Sep 23 23:46:26 racoon: INFO: ************[500] used for NAT-T
Sep 23 23:46:26 racoon: INFO: ***********[500] used as isakmp port (fd=9)
Sep 23 23:46:26 racoon: INFO: 127.0.0.1[500] used for NAT-T
Sep 23 23:46:26 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=8)
Sep 23 23:46:26 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Sep 23 23:46:26 racoon: INFO: @(#)This product linked OpenSSL 0.9.7e-p1 25 Oct 2004 (http://www.openssl.org/)
Sep 23 23:46:26 racoon: INFO: @(#)ipsec-tools 0.7.2 (http://ipsec-tools.sourceforge.net)
Sep 23 23:46:25 racoon: INFO: racoon shutdown
Sep 23 23:46:24 racoon: INFO: caught signal 15
On the m0n0wall with the dynamic ADSL IP (Infinitum Telmex):
Sep 23 12:48:59 racoon: INFO: caught signal 15
Sep 23 12:49:00 racoon: INFO: racoon shutdown
Sep 23 12:49:01 racoon: INFO: @(#)ipsec-tools 0.7.2 (http://ipsec-tools.sourceforge.net)
Sep 23 12:49:01 racoon: INFO: @(#)This product linked OpenSSL 0.9.7e-p1 25 Oct 2004 (http://www.openssl.org/)
Sep 23 12:49:01 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Sep 23 12:49:01 racoon: INFO: ip publica[500] used as isakmp port (fd=9)
Sep 23 12:49:01 racoon: INFO: ip publica[500] used for NAT-T
Sep 23 12:49:01 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=10)
Sep 23 12:49:01 racoon: INFO: 127.0.0.1[500] used for NAT-T
Sep 23 12:49:01 racoon: INFO: 10.0.1.4[500] used as isakmp port (fd=11)
Sep 23 12:49:01 racoon: INFO: 10.0.1.4[500] used for NAT-T
Sep 23 12:49:01 racoon: ERROR: such policy already exists. anyway replace it: 10.0.1.0/24[0] 10.0.1.4/32[0] proto=any dir=in
Sep 23 12:49:01 racoon: ERROR: such policy already exists. anyway replace it: 192.168.10.0/24[0] 10.0.1.4/32[0] proto=any dir=in
Sep 23 12:49:01 racoon: ERROR: such policy already exists. anyway replace it: 10.0.1.4/32[0] 10.0.1.0/24[0] proto=any dir=out
Sep 23 12:49:01 racoon: ERROR: such policy already exists. anyway replace it: 10.0.1.4/32[0] 192.168.10.0/24[0] proto=any dir=out
What could the problem be?
I already have another VPN working, but with static public IPs.