[Openswan Users] Re: [Openswan dev]

Paul Wouters paul at xelerance.com
Thu Nov 4 23:48:21 CET 2004


On Thu, 4 Nov 2004, Richard Cai wrote:

>        does the openswan2.2.0 support using PSKs over a NAT-ed connection between two openswan linux server?

Yes, if you use a rightid= and leftid=. The defaults for ID's are the IP addresses, which
no longer match because of the NAT.

But, I see no reason why to use PSK on openswan-openswan connections. It's harder to setup 
and less secure then using raw rsa keys.

Paul


More information about the Users mailing list