Box CheckPoint
IKE
3DES-MD5-MODP1024
PSK
Both ends have a dedicated link with a fixed IP.
My /etc/ipsec.conf
config setup
    interfaces="ipsec0=eth0"
    klipsdebug=none
    plutodebug=none

conn checkpoint-freeswan
    type=tunnel
    left=189.x.x.z
    right=189.x.x.y
    keyexchange=ike
    auth=esp
    auto=start
    authby=secret
    ike=3des-md5-modp1024
    esp=3des-md5
    pfs=no

conn net-checkpoint-net-freeswan
    type=tunnel
    left=189.x.x.z
    leftsubnet=10.1.0.0/16
    right=189.x.x.y
    rightsubnet=192.168.0.0/24
    keyexchange=ike
    auth=esp
    auto=start
    authby=secret
    ike=3des-md5-modp1024
    esp=3des-md5
    pfs=no
My /etc/ipsec.secrets
189.x.x.z 189.x.x.y : "minhaChaveSecreta"
I followed this example here:
http://www.fw-1.de/aerasec/ng/vpn-freeswan/CP-FW1-NG+Linux-FreeSWAN-Gateway.html
I checked that all the data in my /etc/ipsec.conf and /etc/ipsec.secrets is correct.
However, when I run ipsec setup --start, the log shows the following:
Aug 12 17:35:29 xwindow ipsec__plutorun: 022 "checkpoint-freeswan": we cannot identify ourselves with either end of this connection
Aug 12 17:35:29 xwindow ipsec__plutorun: 022 "net-checkpoint-net-freeswan": we cannot identify ourselves with either end of this connection
Aug 12 17:35:29 xwindow ipsec__plutorun: 022 "checkpoint-freeswan": We cannot identify ourselves with either end of this connection.
Aug 12 17:35:29 xwindow ipsec__plutorun: 022 "net-checkpoint-net-freeswan": We cannot identify ourselves with either end of this connection.
And the tunnel is not established.
Has anyone already set up a VPN between Linux and CheckPoint?
Thanks.