[Openswan dev] OpenSwan KLIPS to NETKEY
Ronen Shitrit
rshitrit at marvell.com
Mon Dec 12 14:59:57 CET 2005
Hi
I'm trying to manual connect OpenSwan to another machine using NETKEY
(ipsec kernel stack), but it seems they don't do the same
encrypt/decrypt, should this work? Any known issues? Is there any place
giving example for howto configure both sides for this kind of
connection.
Openswan ipsec.conf:
conn test_netkey
type=transport
authby=secret
left=192.168.0.1 # static IP
right=192.168.1.1 # Remote information
auto=manual
spi=0x666 # SPI number used for connection
espenckey=0x63636363_63636363_63636363_63636363_63636363_63636363
espauthkey=0x63636363_63636363_63636363_63636363
Setkey config file:
add 192.168.1.1 192.168.0.1 ah 0x666 -A hmac-md5
0x63636363636363636363636363636363;
spdadd 192.168.1.1 192.168.0.1 any -P out ipsec esp/transport//require;
spdadd 192.168.0.1 192.168.1.1 any -P in ipsec esp/transport//require;
Regards
Ronen Shitrit
Marvell Semiconductor Israel Ltd
More information about the Dev
mailing list