[Openswan Users] openswan-2.1.0rc1 + linux-2.6.4 + manual keying
to cisco 7200 ios 12.2
Michael Richardson
mcr at sandelman.ottawa.on.ca
Thu Mar 25 10:14:25 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Niki" == Niki Waibel <niki.waibel at newlogic.com> writes:
Niki> /etc/ipsec.secrets: 12.12.12.12 11.11.11.11: PSK
Niki> "xxxxxxxxxxxxxxxx"
Niki> # ipsec manual --iam 12.12.12.12 at eth:2 --up openswan_cisco
Niki> be sufficient?
No.
Manually keying means setting all of the IPsec parameters yourself.
You'd do that with "ipsec spi" on Openswan w/KLIPS, and "setkey" on
26sec. Nobody should be manually anything unless they are testing.
If you are setting something into ipsec.secrets, then you are doing
automatic keying, using pre-shared secrets to authenticate.
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQGL3ToqHRg3pndX9AQEq8gQA0fqDkZgxyX33NeMy5AmEwDUArRjN8wbh
kATAfdpM57Z7H0jX+6VgnBfCtBy1sDQytUB8Hzcl1L5g4R5gjhp75e5e1BfAJBhg
hztgr0UR0kgUzM4T5549jw6e4DftssGJcgGSiJxrtcl3EA4c3zRBZHqG/qugsd+n
fXJ9IVsXcMc=
=9/lj
-----END PGP SIGNATURE-----
More information about the Users
mailing list