> hi all
>
>
>  
>
>
> i try to establish ipsec vpn
>
>
>  
>
>
> Network-A                     
>
>
> 192.168.200.0/24 
>
>
>            +
>
>
>            +
>
>
>            +
>
>
> 192.168.200.254 
>
>
> Gateway A 
>
>
>      1.1.1.1 
>
>
>            +
>
>
>            + 
>
>
>            +
>
>
>            +
>
>
>            +
>
>
>       2.2.2.1
>
>
> Gatewat B
>
>
> 192.168.1.254
>
>
>            +
>
>
>            +
>
>
>            +
>
>
> Network-B
>
>
> 192.168.1.0/24    
>
>
>  
>
>
> I wnat manual  racoon configure  to do it,
>
>
> before i try manual  racoon configure.
>
>
> I try another method  "ifup ipsec0".
>
>
> ipsec tunnel has be  established.
>
>
> and i can ping 192.168.200.254 on gateway B
>
>
>
>
http://ipsec-tools.sourceforge.net/checklist.html
l found something i miss.

gateway A
ip route add to 192.168.1.0/24 via 192.168.200.254 src 192.168.200.254

gateway B
ip route add to 192.168.200.0/24 via 192.168.200.254 src 192.168.1.254

ping 192.168.1.254 on gateway A
resource temporarily unavailable

ping 192.168.200.254 on gateway B
resource temporarily unavailable

then racoon begin Identity Protection mode, and make ipsec tunnel work.


then i can ping 192.168.1.254 on gateway A

but i add a ftp 192.168.200.2 on network A
i can't ping 192.168.200.2 on gateway B

thaks for any advice
best regard

Paul Lee