
Need assistance with openswan routing


Hi there,

Trying to set up an IPSec tunnel between our office Meraki MX appliance and AWS. I have an EC2 instance running openswan already.

EC2: 172.31.0.0/16, EC2 public IP: 54.*.*.72

Office: 192.168.10.1/24, office IP: 142.*.*.146

/etc/ipsec.conf:

    config setup
        plutodebug=all
        plutostderrlog=/var/log/pluto.log
        protostack=netkey
        nat_traversal=yes
        virtual_private=%v4:192.168.10.0/24,%v4:10.20.10.0/23

connection configuration:

    conn office
        authby=secret
        ike=aes256-sha1
        keyexchange=ike
        phase2=esp
        phase2alg=aes256-sha1
        ikelifetime=28800s
        keylife=3600s
        compress=no
        pfs=no
        type=tunnel
        left=172.31.22.7
        leftsubnet=172.31.0.0/16
        leftsourceip=54.*.*.72
        right=142.*.*.146
        rightsubnet=192.168.10.0/24
        rightnexthop=142.*.*.146
        auto=start

I'm able to create the tunnel and get past phase 1 and 2, but there are some weird routing-related issues here. From EC2, I can ping the 192.168.10.1, but nothing else. From the office, I can't ping anything.

Pretty sure I'm missing a really big chunk of the networking details here, but what is it? How would one go about debugging?

submitted by 0x570x690x6c0x6c
