Thanks George

The link you suggested gave me the clues I needed to get the VPN up and running which has been running stable for over 2 weeks now :-)

After looking at the phase1-up.sh script things got a lot easier

Thanks again everyone for your help

Zac





On 5/24/06, George Borisov <george@dxsolutions.co.uk > wrote:
Zac Barton wrote:

> My local machines ip is 192.168.0.99
> Remote VPN gateway public ip 217.150.xxx.yyy
> Remote VPN private network 10.0.0.0 (255.255.255.0)
> My VPN client address 172.16.34.5 (If the VPN does connect a user with
> ip 10.0.0.110 can view my machine (192.168.0.99) thru this ip address)

and

> sainfo address 172.16.34.5 any address 10.0.0.0/24 any

and

> spdadd 10.0.0.0/24 172.16.34.5/32 any -P in ipsec
> esp/tunnel/217.150.xxx.yyy-192.168.0.99/require;
> spdadd 172.16.34.5/32 10.0.0.0/24 any -P out ipsec
> esp/tunnel/192.168.0.99-
> 217.150.xxx.yyy/require;

I think your problem is to do with the IPSec policies. I have had a look
at using racoon as a VPN client and it looks a little bit different to
the LAN-LAN setup I am using (in terms of generating the policies.)

Have a look here:
http://www.netbsd.org/Documentation/network/ipsec/rasvpn.html#client_conf

Also, look at the files in your
"/usr/share/doc/racoon/examples/roadwarrior/client" folder.


Hope this helps,

--
George Borisov

DXSolutions Ltd