Re: Some ipsec questions
On Mon, 2010-02-15 at 11:34, Pier wrote:
> Hi.
> I'm having some trouble trying to make a vpn ipsec between my debian firewall and a cisco asa.
>
> The confs are like this:
>
>
> 192.168.1.0/24-----------1.1.1.1-----------2.2.2.2-----------10.13.10.x/24
> my net my firewall cisco asa remote net
>
>
> When the tunnel is down, if i try to ping from 192.168.1.0/24 to 10.13.10.x/24 the tunnel is not going up automatically, but instead i have to do a racoonctl cpn-connect 2.2.2.2.
^^^
You mean "vpn-connect". Right?
> Is that normal or i made something wrong?
Yes, it is normal if you configured racoon in xauth_(rsa\|psk)_client
mode and to get SPD policy from the peer.
--
Kind regards, Milan
--------------------------------------------------
Arvanta, IT Security http://www.arvanta.net
Please do not send me e-mail containing HTML code.
Reply to: