(usagi-users 02557) IPsec tunnel between host and router as security gateway
- To: usagi-users@xxxxxxxxxxxxxx
- Subject: (usagi-users 02557) IPsec tunnel between host and router as security gateway
- From: Kazutaka Tachibana <Kazutaka.Tachibana@xxxxxxxxxxx>
- Date: Fri, 26 Sep 2003 15:37:55 +0900
- Cc: Kazutaka.Tachibana@xxxxxxxxxxx
- Reply-to: usagi-users@xxxxxxxxxxxxxx
Hi.
I'm running usagi stable 4.1 on RedHat8.0.
I try to establish an IPsec tunnel (IPv4toIPv4) between a security gateway
and a host in the following network topology.

                  192.168.0.30
        -----------------------
        |        HOST1        |
        -----------------------
                  ||
                  ||
                  || 192.168.0.1
        -----------------------
        |       router        |
        -----------------------
          |       || 192.168.1.1
          |       ||
        TUNNEL    ||
          |       ||
          |       ||
        -----------------------
        |        HOST2        |
        -----------------------
                  192.168.1.30

So I execute the following commands on HOST2 to make the IPsec tunnel.
# ip tunnel add tnl0 mode ipip local 192.168.1.30 remote 192.168.1.1
# ip addr add 192.168.1.100 dev tnl0
# ip link set tnl0 up
# ip route add 192.168.0.0/24 dev tnl0
And I use the IKED "pluto". This time, the security gateway is the ISAKMP phase 1
and phase 2 initiator, so I don't execute the "ipsec auto --up tunv4" command.
# pluto --nofork --stderrlog --debug-all
# ipsec auto --add tunv4
# ipsec auto --ready
After executing the above commands, an IPsec SA is established between HOST2
and the router, but this network communication isn't in tunnel mode.
For example, packets of "ping 192.168.0.30" on HOST2 don't include an ESP or
AH header, only an IP tunnel header.
Please tell me how to make an IPsec tunnel between Linux and another router
as security gateway.
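
The symptom reported above (an IP tunnel header but no ESP or AH header) can be checked mechanically on captured packets. The following is an added example, not part of the original post: it reads the IPv4 protocol field (4 = IPIP, 50 = ESP, 51 = AH) and follows IPIP nesting. The sample packets are constructed from the addresses in the post; the inner source address and the ESP payload bytes are assumptions.

```python
import socket
import struct

# IANA IP protocol numbers relevant to the symptom in the post.
PROTO_NAMES = {1: "ICMP", 4: "IPIP", 50: "ESP", 51: "AH"}

def parse_ipv4(packet):
    """Return (protocol, src, dst, payload) for a raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    proto = packet[9]
    src = socket.inet_ntoa(packet[12:16])
    dst = socket.inet_ntoa(packet[16:20])
    return proto, src, dst, packet[ihl:]

def classify(packet):
    """Return (encapsulation chain, True if an ESP or AH header is present)."""
    chain = []
    while True:
        proto, src, dst, payload = parse_ipv4(packet)
        chain.append("%s %s>%s" % (PROTO_NAMES.get(proto, str(proto)), src, dst))
        if proto in (50, 51):
            return chain, True      # IPsec header found
        if proto != 4:
            return chain, False     # reached a cleartext upper-layer protocol
        packet = payload            # IPIP: descend into the inner IP packet

def ipv4(proto, src, dst, payload=b""):
    """Build a minimal IPv4 packet (checksum left 0) for the constructed samples."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

# Constructed samples: an ICMP echo inside plain IPIP, and an ESP packet.
ICMP_ECHO = b"\x08\x00\xf7\xff\x00\x00\x00\x00"
INNER = ipv4(1, "192.168.1.100", "192.168.0.30", ICMP_ECHO)
PLAIN_IPIP = ipv4(4, "192.168.1.30", "192.168.1.1", INNER)
ESP_TUNNEL = ipv4(50, "192.168.1.30", "192.168.1.1", b"\x00\x00\x10\x01" + b"\x00" * 28)

if __name__ == "__main__":
    for name, pkt in (("plain IPIP", PLAIN_IPIP), ("ESP", ESP_TUNNEL)):
        print(name, classify(pkt))
```

A packet classified as unprotected here is readable on the wire even when an IPsec SA is listed as established, so the check belongs on the capture, not on the SA status.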