Hi,
I am trying to establish a VPN between my Linux server and a Cisco ASA at the client side.
I installed Openswan on my CentOS system.
Linux Server
eth0 - 182.2.29.10 [ I have public IP]
Gateway - 182.2.29.1 [ and gw]
eth1 - 192.9.200.75 [ Internal Lan i/f]
I have simple iptables rules like:
WAN="eth0"
LAN="eth1"
iptables -t nat -A POSTROUTING -o $WAN -j SNAT --to 182.2.29.10
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i $LAN -j ACCEPT
iptables -A INPUT -i $WAN -j ACCEPT
iptables -A FORWARD -i lo -j ACCEPT
iptables -A FORWARD -i $LAN -j ACCEPT
iptables -A FORWARD -i $LAN -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $WAN -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s 192.9.200.0/255.255.255.0 -j ACCEPT
iptables -A FORWARD -d 192.9.200.0/255.255.255.0 -j ACCEPT
iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
Client side Cisco ASA - Device
Provided details:
BD gateway IP is 212.2.7.15 [ Public IP]
Source IP :- 192.168.91.224
ESP-3DES-SHA1
Lifetime is 86400 seconds (Phase-1) & 3600 seconds (Phase-2)
Authentication is pre-shared
I need advice on configuring ipsec.conf and ipsec.secrets, and on what iptables rules I need to add / modify.
Thanks
Best
Ashok