<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.3199" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=848383507-13122007><FONT face=Arial size=2>For some testing
purpose, I have to config ipsec to use maual keying. Below is the ipsec.conf I
use. After start ipsec, I use "ipsec auto --up test" but it reports connection
test not found error. If I add auto=start in ipsec.conf, the connection can
be started, but it always start with IKE instead of manual keying. Did I do
anything wrong in the configuration? Thanks a lot in advance</FONT></SPAN></DIV>
<DIV><SPAN class=848383507-13122007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=848383507-13122007><FONT face=Arial size=2># /etc/ipsec.conf -
Openswan IPsec configuration file<BR># RCSID $Id: ipsec.conf.in,v 1.15.2.6
2006/10/19 03:49:46 paul Exp $</FONT></SPAN></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><SPAN class=848383507-13122007><FONT face=Arial size=2># This file:
/usr/local/share/doc/openswan/ipsec.conf-sample<BR>#<BR>#
Manual: ipsec.conf.5</FONT></SPAN></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV><SPAN class=848383507-13122007>
<DIV><FONT face=Arial size=2></FONT><BR><FONT face=Arial
size=2>version 2.0 # conforms to second version of ipsec.conf
specification</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial><FONT size=2># basic configuration<BR>config
setup<BR> # plutodebug / klipsdebug = "all", "none" or a combation from
below:<BR> # "raw crypt parsing emitting control klips pfkey natt x509
private"<BR> # eg: plutodebug="control parsing"<BR> #<BR> # ONLY
enable plutodebug=all or klipsdebug=all if you are a developer
!!<BR> #<BR> # NAT-TRAVERSAL support, see
README.NAT-Traversal<BR> <SPAN class=848383507-13122007>#
</SPAN>nat_traversal=yes<BR> #
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12<BR> #<BR> #
enable this if you see "failed to find any available worker"<BR> <SPAN
class=848383507-13122007>#</SPAN>nhelpers=0<BR> <SPAN
class=848383507-13122007>#</SPAN></FONT></FONT><A
href="mailto:myid=@lefthost"><FONT face=Arial
size=2>myid=@lefthost</FONT></A><BR><FONT face=Arial
size=2> interfaces="ipsec0=eth0"<BR># Add connections
here<BR>conn <SPAN
class=848383507-13122007>test</SPAN><BR> left=192.168.0.100<BR> </FONT><A
href="mailto:leftid=@lefthost"><FONT face=Arial
size=2>leftid=@lefthost</FONT></A><BR><FONT face=Arial
size=2> right=192.168.0.101<BR> </FONT><A
href="mailto:rightid=@righthost"><FONT face=Arial
size=2>rightid=@righthost</FONT></A><BR><FONT face=Arial
size=2> spi=234<BR> esp=3des-md5-96<BR> espenckey=0x74545745_53fdab78_72306395_cde63499_65345230_a5163490<BR> espauthkey=0x62454545_0ab62347_19450485_b7364340<BR> <BR>#
sample VPN connections, see /etc/ipsec.d/examples/</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>#Disable Opportunistic
Encryption</FONT></SPAN></DIV></BODY></HTML>