[Openswan Users] Netscreen Interoperability.

Jim Buttafuoco jim at contactbda.com
Sun Oct 17 17:23:14 CEST 2004


Nico,

I to am trying to get openswan working with netscreen (preshared keys).  Can you share the netscreen config entries 
and your ipsec.conf?

Thanks
Jim



---------- Original Message -----------
From: Nico Baggus <nico at noci.xs4all.nl>
To: users at openswan.org
Sent: Thu, 14 Oct 2004 21:54:47 +0200
Subject: Re: [Openswan Users] Netscreen Interoperability.

> It works quite good with preshared keys....
> 
> I have no experience with RSA (not sure netscreen knows these beasts...
> 
> HIH,
> Nico
> 
> On Wednesday 13 October 2004 13:54, Rituraj Buddhisagar wrote:
> > Hi all;
> >
> > I am new to openswan. I have configured Openswan of FC2 with
> > openswan-2.2.0-2fc2.i386.rpm.
> > We need to interoperate with Netscreen 5xt with Openswan. How do I edit
> > /etc/ipsec.conf?
> > The doc says to edit as follows:
> >
> > conn net-to-net
> >     left=192.168.0.1                 # Local vitals
> >     leftsubnet=192.168.0.0/24      #
> >     leftid=@nevisvpn01.pune.nevisnetworks.com         #
> >
> >     leftrsasigkey=xxxxxxxxxxxxEXISTING KEY OF THIS
> > HOSTxxxxxxxxxxxxxxxxxx
> >
> >     leftnexthop=%defaultroute      # correct in many situations
> >     right=192.168.2.1                # Remote vitals
> >     rightsubnet=192.168.2.0/24        #
> >     rightid=@ab.example.com        #
> >
> >     rightrsasigkey=0sAQOqH55O...   #
> > ????????How do I find this out?
> >
> >     rightnexthop=%defaultroute     # correct in many situations
> >     auto=add                       # authorizes but doesn't start this
> >                                    # connection at startup
> >
> >
> > How do I find out righthost rsa key on netscreen ? I googled but did not
> > succeed.
> > Please do let me know.
> >
> > Regards;
> > Rituraj
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
------- End of Original Message -------



More information about the Users mailing list