Re: Some ipsec questions

To: debian-firewall@lists.debian.org
Subject: Re: Some ipsec questions
From: "Milan P. Stanic" <mps@arvanta.net>
Date: Mon, 15 Feb 2010 17:58:39 +0100
Message-id: <20100215165839.GA10698@arvanta.net>
Mail-followup-to: debian-firewall@lists.debian.org
In-reply-to: <679476.31260.qm@web28612.mail.ukl.yahoo.com>
References: <679476.31260.qm@web28612.mail.ukl.yahoo.com>

On Mon, 2010-02-15 at 11:34, Pier wrote:
> Hi.
> I'm having some trouble trying to make a vpn ipsec between my debian firewall and a cisco asa.
> 
> The confs are like this:
> 
> 
> 192.168.1.0/24-----------1.1.1.1-----------2.2.2.2-----------10.13.10.x/24
> my net                  my firewall        cisco asa          remote net
> 
> 
> When the tunnel is down, if i try to ping from 192.168.1.0/24 to 10.13.10.x/24 the tunnel is not going up automatically, but instead i have to do a racoonctl cpn-connect 2.2.2.2.
                                ^^^
You mean "vpn-connect". Right?

> Is that normal or i made something wrong?

Yes, it is normal if you configured racoon in xauth_(rsa\|psk)_client
mode and to get SPD policy from the peer.

-- 
Kind regards,  Milan
--------------------------------------------------
Arvanta, IT Security        http://www.arvanta.net
Please do not send me e-mail containing HTML code.

Reply to:

Follow-Ups:
- Re: Some ipsec questions
  - From: Pierguido <pierg75@yahoo.it>

References:
- Some ipsec questions
  - From: Pier <pierg75@yahoo.it>

Prev by Date: Some ipsec questions
Next by Date: Re: Some ipsec questions
Previous by thread: Some ipsec questions
Next by thread: Re: Some ipsec questions
Index(es):
- Date
- Thread