I am establishing a VPN tunnel to a remote peer/public IP using Amazon EC2 OpenSwan. The tunnel is up, but no traffic has been seen on our side or the remote side. Is there something I have been missing? Please see my config.
My /etc/ipsec.conf
config setup
    dumpdir=/var/run/pluto/
    protostack=netkey
    nat_traversal=yes
    plutodebug=all
    plutostderrlog=/var/log/pluto.log
    oe=off

include /etc/ipsec.d/*.conf
My /etc/ipsec.d/con-name.conf
conn con-name
    type=tunnel
    compress=no
    auto=start
    # Define IKE policy
    authby=secret
    ike=aes256-sha1
    ikelifetime=86400s
    # Define IPsec policy
    auth=esp
    esp=aes256-sha1
    pfs=no
    keyexchange=ike
    rekey=yes
    forceencaps=yes
    keylife=28800s
    left=%defaultroute
    leftid=<my vpn public ip>
    leftsubnet=<my internal vpn ip>/32 # 10.x.x.x
    leftsourceip=<my vpn public ip>
    right=<remote vpn public ip>
    rightid=%defaultroute
    rightsubnet=<remote internal ip>/32 # 192.x.x.x
    rightsourceip=<remote vpn public ip>
My VPN server is on 10.x.x.x, while the remote IP was 192.x.x.x.
Here are the things I disabled:
1. Disable firewall on the OS layer on my vpn server.
2. Put route tables on the amazon vpc.
3. Disable Source/Destination on amazon ec2
I have been using telnet to communicate with the remote IP, but the connection times out. I am also pinging the remote side from my VPN server (ping 192.x.x.x). The remote server is a Cisco IOS router.
Can you help me on this? I have been troubleshooting this for a week now.
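A small checker for the selector-related settings in a conn section, added here as an example (it is not the poster's code, and the addresses in the sample are constructed from documentation ranges). It flags a sourceip that lies outside its own subnet, which leaves packets sent by the gateway itself unmatched by the IPsec policy, and a %defaultroute value used for an id= setting, where it is not documented.

```python
import ipaddress

# Constructed sample conn section that mirrors the shape of the one in the
# question; the addresses come from documentation ranges, not real hosts.
SAMPLE_CONN = """\
conn con-name
    type=tunnel
    authby=secret
    left=%defaultroute
    leftid=203.0.113.10
    leftsubnet=10.0.1.5/32       # gateway's private EC2 address
    leftsourceip=203.0.113.10    # elastic IP, which EC2 NATs onto the instance
    right=198.51.100.20
    rightid=%defaultroute
    rightsubnet=192.168.1.10/32
    rightsourceip=198.51.100.20
"""

def parse_conns(text):
    """Return {conn_name: {key: value}}; ipsec.conf parameters are the indented lines."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        if not line[0].isspace():  # an unindented line opens a new section
            parts = line.split(None, 1)
            current = parts[1] if parts[0] == "conn" and len(parts) == 2 else None
            if current is not None:
                conns[current] = {}
        elif current is not None and "=" in line:
            key, value = (s.strip() for s in line.split("=", 1))
            conns[current][key] = value
    return conns

def lint_conn(params):
    """Findings about selector settings that leave a tunnel 'up' but carrying no traffic."""
    findings = []
    for side in ("left", "right"):
        subnet, source = params.get(side + "subnet"), params.get(side + "sourceip")
        if subnet and source and ipaddress.ip_address(source) not in ipaddress.ip_network(subnet, strict=False):
            findings.append(f"{side}sourceip={source} lies outside {side}subnet={subnet}; "
                            "packets the gateway itself sends will not match the IPsec policy")
        if params.get(side + "id") == "%defaultroute":
            findings.append(f"{side}id=%defaultroute: %defaultroute is documented for {side}=, "
                            f"not for {side}id=")
    return findings

def lint_config(text):
    return {name: lint_conn(params) for name, params in parse_conns(text).items()}

if __name__ == "__main__":
    for name, findings in lint_config(SAMPLE_CONN).items():
        print(name, *findings, sep="\n  ")
```

Run it against the real /etc/ipsec.d/*.conf contents by passing the file text to lint_config; an empty findings list for a conn means these particular settings are consistent, not that the tunnel is otherwise correct.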