<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Hi,<br>
<br>
it should be similar to this:<br>
<br>
-----------------<br>
config setup<br>
nat_traversal=yes<br>
virtual_private=%v4<a moz-do-not-send="true"
href="http://172.7.7.7/32">172.7.7.7/32</a>:,%v4:!<a
moz-do-not-send="true" href="http://10.5.5.5/32">10.5.5.5/32</a><br>
oe=off<br>
protostack=netkey<br>
# force_keepalive=yes<br>
# keep_alive=30<br>
conn ec2-to-juniper<br>
connaddrfamily=ipv4<br>
type=tunnel<br>
authby=secret<br>
# ike=3des-sha1;modp1536<br>
phase2=esp<br>
# phase2alg=3des-sha1;modp1536<br>
forceencaps=yes<br>
pfs=yes<br>
#<br>
# dpddelay=30<br>
# dpdtimeout=120<br>
# dpdaction=restart<br>
#<br>
left=10.254.254.254<br>
leftid=59.59.59.59<br>
leftnexthop=%defaultroute<br>
leftsubnet=<a moz-do-not-send="true" href="http://10.5.5.5/32">10.5.5.5</a>/32<br>
leftsourceip=<a moz-do-not-send="true" href="http://10.5.5.5/32">10.5.5.5</a><br>
#<br>
right=202.2.2.2<br>
rightsubnet=<a moz-do-not-send="true" href="http://172.7.7.7/32">172.7.7.7/32</a><br>
#<br>
auto=add<br>
-----------------<br>
<br>
Regards<br>
Alex<br>
<br>
On 12/05/2010 12:19 PM, Hammad wrote:
<blockquote
cite="mid:AANLkTinkez18swYoHDzCdXWCdJnt74PNXwS7vhp4BDar@mail.gmail.com"
type="cite">
<div dir="ltr">Hi,<br>
<br>
Can somebody help to put the pieces of puzzle together for configuring
openswan on EC2;<br>
<br>
My Elastic Ip: 59.59.59.59<br>
My EC2 Instance IP: 10.254.254.254<br>
My encryption domain (a virtual interface created to cater dynamic IPs
on EC2 instance/restart persistent): <a moz-do-not-send="true"
href="http://10.5.5.5/32">10.5.5.5/32</a><br>
<br>
Other end public (Using Netscreen/juniper): 202.2.2.2<br>
Other end encrypted domain: <a moz-do-not-send="true"
href="http://172.7.7.7/32">172.7.7.7/32</a><br>
<br>
1) How do I fill in following fields for this connection;<br>
left=<br>
leftid=<br>
leftnexthop=<br>
leftsubnet=<br>
right=<br>
rightnexthop=<br>
rightsubnet=<br>
rightid=<br>
<br>
<br>
2) My EC2 provides me firewall webinterface; do I need to configure my
iptables in that case? for masquerading etc?<br>
<br>
Regards,<br>
Hammad<br>
</div>
<pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
<a class="moz-txt-link-abbreviated" href="mailto:Users@openswan.org">Users@openswan.org</a>
<a class="moz-txt-link-freetext" href="http://lists.openswan.org/mailman/listinfo/users">http://lists.openswan.org/mailman/listinfo/users</a>
Micropayments: <a class="moz-txt-link-freetext" href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a>
Building and Integrating Virtual Private Networks with Openswan:
<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
</pre>
</blockquote>
<br>
</body>
</html>