<div dir="ltr">Thanks, <div><br></div><div>1) what about this connection&#39;s ipsec.secret look like?<div><blockquote type="cite"><div><div class="h5"><div dir="ltr">59.59.59.59 202.2.2.2 : PSK &quot;presharedKey&quot;</div>
</div></div></blockquote><div dir="ltr"><div><div class="h5"><div dir="ltr">or it should be;</div><div dir="ltr">          10.254.254.254 202.2.2.2 : PSK &quot;presharedKey&quot;</div><div dir="ltr">??</div><div dir="ltr">
<br></div><div dir="ltr">2) My EC2 provides me firewall webinterface; do I need to configure my iptables in that case? for masquerading etc?</div><div dir="ltr"><br></div><div dir="ltr">Regards,</div><div dir="ltr">Hammad</div>
</div></div></div><br><div class="gmail_quote">On Sun, Dec 5, 2010 at 7:14 PM, Piavlo <span dir="ltr">&lt;<a href="mailto:piavka@cs.bgu.ac.il">piavka@cs.bgu.ac.il</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">



  

<div bgcolor="#ffffff" text="#000000">
 Hi,<br>
<br>
it should be similar to this:<br>
<br>
-----------------<br>
config setup<br>
        nat_traversal=yes<br>
        virtual_private=%v4<a href="http://172.7.7.7/32" target="_blank">172.7.7.7/32</a>:,%v4:!<a href="http://10.5.5.5/32" target="_blank">10.5.5.5/32</a><br>
        oe=off<br>
        protostack=netkey<br>
        # force_keepalive=yes<br>
        # keep_alive=30<br>
conn ec2-to-juniper<br>
        connaddrfamily=ipv4<br>
        type=tunnel<br>
        authby=secret<br>
        # ike=3des-sha1;modp1536<br>
        phase2=esp<br>
        # phase2alg=3des-sha1;modp1536<br>
        forceencaps=yes<br>
        pfs=yes<br>
        #<br>
        # dpddelay=30<br>
        # dpdtimeout=120<br>
        # dpdaction=restart<br>
        #<br>
        left=10.254.254.254<br>
        leftid=59.59.59.59<br>
        leftnexthop=%defaultroute<br>
        leftsubnet=<a href="http://10.5.5.5/32" target="_blank">10.5.5.5</a>/32<br>
        leftsourceip=<a href="http://10.5.5.5/32" target="_blank">10.5.5.5</a><br>
        #<br>
        right=202.2.2.2<br>
        rightsubnet=<a href="http://172.7.7.7/32" target="_blank">172.7.7.7/32</a><br>
        #<br>
        auto=add<br>
-----------------<br>
<br>
Regards<br>
Alex<div><div></div><div class="h5"><br>
<br>
On 12/05/2010 12:19 PM, Hammad wrote:
</div></div><blockquote type="cite"><div><div></div><div class="h5">
  <div dir="ltr">Hi,<br>
  <br>
Can somebody help to put the pieces of puzzle together for configuring
openswan on EC2;<br>
  <br>
My Elastic Ip: 59.59.59.59<br>
My EC2 Instance IP: 10.254.254.254<br>
My encryption domain (a virtual interface created to cater dynamic IPs
on EC2 instance/restart persistent): <a href="http://10.5.5.5/32" target="_blank">10.5.5.5/32</a><br>
  <br>
Other end public (Using Netscreen/juniper): 202.2.2.2<br>
Other end encrypted domain: <a href="http://172.7.7.7/32" target="_blank">172.7.7.7/32</a><br>
  <br>
1) How do I fill in following fields for this connection;<br>
         left=<br>
         leftid=<br>
         leftnexthop=<br>
         leftsubnet=<br>
         right=<br>
         rightnexthop=<br>
         rightsubnet=<br>
         rightid=<br>
  <br>
  <br>
2) My EC2 provides me firewall webinterface; do I need to configure my
iptables in that case? for masquerading etc?<br>
  <br>
Regards,<br>
Hammad<br>
  </div>
  </div></div><pre><fieldset></fieldset>
_______________________________________________
<a href="mailto:Users@openswan.org" target="_blank">Users@openswan.org</a>
<a href="http://lists.openswan.org/mailman/listinfo/users" target="_blank">http://lists.openswan.org/mailman/listinfo/users</a>
Micropayments: <a href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy" target="_blank">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a>
Building and Integrating Virtual Private Networks with Openswan: 
<a href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155" target="_blank">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
  </pre>
</blockquote>
<br>
</div>

</blockquote></div><br></div></div></div>