Linux | FreeBSD | OpenBSD | NetBSD | BSDI | AIX | Solaris/SunOS | Tru64 | HP-UX | IRIX | Minux | SCO Unix | Mac OS X

UNIX Resources » Linux » China Linux Forum » Linux防火墙和代理服务器应用 » 第4页 » freeswan 的问题?

声明: 本页内容为中国Linux论坛的内容镜像，文章的版权以及其他所有的相关权利属于中国Linux论坛和相应文章的作者，如果转载，请注明文章来源及相关版权信息。

Resources China Linux Forum(finished) Linux Forum(finished) FreeBSD China(finished) linuxforum.net   业界新闻与评论   自由软件杂谈   IT 人生   Linux软件快递   翻译作坊   Linux图书与评论   GNU Emacs/XEmacs   Linux 中文环境和中文化   Linux桌面与办公软件   Linux 多媒体与娱乐版   自由之窗Mozilla   笔记本电脑上的Linux   Gentoo   Debian 一族   网络管理技术   Linux 安装与入门   WEB服务器和FTP服务器   域名服务器和邮件服务器   Linux防火墙和代理服务器应用   文件及打印服务器   技术培训与认证   Linux内核技术   Linux 嵌入技术   Linux设备驱动程序   Linux 集群技术   LINUX平台数据库   系统和网络安全   CPU 与 编译器   系统计算研究所专栏   Linux下的GUI软件开发   C/C++编程版   PHP 技 术   Java&jsp技术   Shell编程技术   Perl 编 程   Python 编 程   XML/Web Service 技术   永远的Unix   FreeBSD世界

freeswan 的问题? Author: leeshasr    Posted: 2005-11-30 17:26    Length: 6,797 byte(s) [Original] [Print] [Top] 我的VPN采用FREESWAN 有六个点.其他5个点都是成功的.只有一个不成功. LEFT : ipsec whack --status | grep dygsgl7 000 "dygsgl7-dygscenter1": 91.0.0.0/8===221.237.21.211[@dygscenter.3322.org]---221.237.16.1...221.237.16.1---220.166.249.70[@dygsgl7.3322.org]===192.168.8.0/24; erouted; eroute owner: #6 000 "dygsgl7-dygscenter1": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 000 "dygsgl7-dygscenter1": policy: RSASIG+ENCRYPT+TUNNEL+PFS+UP; prio: 8,24; interface: ppp0; 000 "dygsgl7-dygscenter1": newest ISAKMP SA: #2; newest IPsec SA: #6; 000 "dygsgl7-dygscenter2": 130.0.0.0/8===221.237.21.211[@dygscenter.3322.org]---221.237.16.1...221.237.16.1---220.166.249.70[@dygsgl7.3322.org]===192.168.8.0/24; erouted; eroute owner: #5 000 "dygsgl7-dygscenter2": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 000 "dygsgl7-dygscenter2": policy: RSASIG+ENCRYPT+TUNNEL+PFS+UP; prio: 8,24; interface: ppp0; 000 "dygsgl7-dygscenter2": newest ISAKMP SA: #0; newest IPsec SA: #5; 000 #6: "dygsgl7-dygscenter1" STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 26503s; newest IPSEC; eroute owner 000 #6: "dygsgl7-dygscenter1" esp.73b6646b@220.166.249.70 esp.9834f952@221.237.21.211 tun.0@220.166.249.70 tun.0@221.237.21.211 000 #2: "dygsgl7-dygscenter1" STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 1433s; newest ISAKMP 000 #5: "dygsgl7-dygscenter2" STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 26458s; newest IPSEC; eroute owner 000 #5: "dygsgl7-dygscenter2" esp.59550504@220.166.249.70 esp.ee193751@221.237.21.211 tun.0@220.166.249.70 tun.0@221.237.21.211 RIGHT: ipsec whack --status 000 interface lo/lo ::1 000 interface lo/lo 127.0.0.1 000 interface eth0/eth0 192.168.8.1 000 interface ppp0/ppp0 220.166.249.70 000 %myid = (none) 000 debug none 000 000 "dygsgl7-dygscenter1": 192.168.8.0/24===220.166.249.70[@dygsgl7.3322.org]---221.237.16.1...221.237.16.1---221.237.21.211[@dygscenter.3322.org]===91.0.0.0/8; erouted; eroute owner: #22 000 "dygsgl7-dygscenter1": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 000 "dygsgl7-dygscenter1": policy: RSASIG+ENCRYPT+TUNNEL+PFS+UP; prio: 8,24; interface: ppp0; 000 "dygsgl7-dygscenter1": newest ISAKMP SA: #20; newest IPsec SA: #22; 000 "dygsgl7-dygscenter1": IKE algorithms wanted: 5_000-1-5, 5_000-2-5, 5_000-1-2, 5_000-2-2, flags=-strict 000 "dygsgl7-dygscenter1": IKE algorithms found: 5_192-1_128-5, 5_192-2_160-5, 5_192-1_128-2, 5_192-2_160-2, 000 "dygsgl7-dygscenter1": IKE algorithm newest: 3DES_CBC_192-MD5-MODP1536 000 "dygsgl7-dygscenter1": ESP algorithms wanted: 3_000-1, 3_000-2, flags=-strict 000 "dygsgl7-dygscenter1": ESP algorithms loaded: 3_192-1_128, 3_192-2_160, 000 "dygsgl7-dygscenter1": ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=<Phase1> 000 "dygsgl7-dygscenter2": 192.168.8.0/24===220.166.249.70[@dygsgl7.3322.org]---221.237.16.1...221.237.16.1---221.237.21.211[@dygscenter.3322.org]===130.0.0.0/8; erouted; eroute owner: #21 000 "dygsgl7-dygscenter2": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 000 "dygsgl7-dygscenter2": policy: RSASIG+ENCRYPT+TUNNEL+PFS+UP; prio: 8,24; interface: ppp0; 000 "dygsgl7-dygscenter2": newest ISAKMP SA: #0; newest IPsec SA: #21; 000 "dygsgl7-dygscenter2": IKE algorithms wanted: 5_000-1-5, 5_000-2-5, 5_000-1-2, 5_000-2-2, flags=-strict 000 "dygsgl7-dygscenter2": IKE algorithms found: 5_192-1_128-5, 5_192-2_160-5, 5_192-1_128-2, 5_192-2_160-2, 000 "dygsgl7-dygscenter2": ESP algorithms wanted: 3_000-1, 3_000-2, flags=-strict 000 "dygsgl7-dygscenter2": ESP algorithms loaded: 3_192-1_128, 3_192-2_160, 000 "dygsgl7-dygscenter2": ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=<Phase1> 000 000 #60: "dygsgl7-dygscenter1" STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_RETRANSMIT in 15s 000 #59: "dygsgl7-dygscenter1" STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_RETRANSMIT in 15s 000 #22: "dygsgl7-dygscenter1" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 27110s; newest IPSEC; eroute owner 000 #22: "dygsgl7-dygscenter1" esp.9834f952@221.237.21.211 esp.73b6646b@220.166.249.70 tun.0@221.237.21.211 tun.0@220.166.249.70 000 #20: "dygsgl7-dygscenter1" STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 1908s; newest ISAKMP 000 #21: "dygsgl7-dygscenter2" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 27109s; newest IPSEC; eroute owner 000 #21: "dygsgl7-dygscenter2" esp.ee193751@221.237.21.211 esp.59550504@220.166.249.70 tun.0@221.237.21.211 tun.0@220.166.249.70 000 请教大家问题何在? 此线路也是近期才出问题的. . [Original] [Print] [Top] « Previous thread 请教一个关于ip rule命令的问题 Linux防火墙和代理服务器应用 第4页 Next thread » 关于在一台机器上设置两个ADSL帐户的问题?

输入您的搜索字词 提交搜索表单   WEB unixresources.net

Copyright © 2007 UNIX Resources Network, All Rights Reserved.      About URN | Privacy & Legal | Help | Contact us

备案序号: 京ICP备05006143    webmaster: webmaster@unixresources.net

This page created on 2008-07-17 02:58:39, cost 0.057116985321045 ms.