[Openswan Users] Re: Problems setting up IPSec on RHEL 3
Paul Wouters
paul at xelerance.com
Tue Aug 10 21:31:58 CEST 2004
On Thu, 5 Aug 2004, Matthew Claridge wrote:
> Thanks for the reply Paul - RedHat are still mulling over those bugs,
Ok.
> and my ipsec interface setup currently looks like this:
>
> TYPE=IPSEC
> ONBOOT=yes
> IKE_METHOD="PSK"
> SRC=172.18.a.b
> DST=145.224.g.h
> DSTGW=194.73.e.f
> SRCGW=62.189.c.d
> SRCNET=172.18.x.x/24
> DSTNET=145.224.0.0/16
You can try and install an openswan rpm. this will give you just the userland,
and it will use the RHEL3 kernel ipsec code.
your redhat initscript-ism translates to:
in /etc/ipsec.secrets add:
62.189.c.d 194.73.e.f : PSK "yoursecret"
in /etc/ipsec.conf add:
conn rhel3-tunnel
left=62.189.c.d
leftsubnet=172.18.x.x/24
right=194.73.e.f
rightsubnet=145.224.0.0/16
authby=secret
auto=start
You can build an rpm by downloading the tarball, untarring it
and run: rpmbuild -ba openswan/packaging/redhat/openswan.26spec
Do use openswan-2, since openswan-1 doesn't support the ipsec backport
code.
Paul
More information about the Users
mailing list