[Openswan Users] Testconfig with Openswan 2.1.5 on Suse 9.1 not
working
David Clymer
dclyme at hrcsb.org
Fri Sep 17 10:12:02 CEST 2004
Thus quoth t.henneberger at hcs-computer.de:
> To: users at lists.openswan.org
> From: t.henneberger at hcs-computer.de
> Subject: Re: [Openswan Users] Testconfig with Openswan 2.1.5 on Suse 9.1 not
> working
>
> > On Fri, 17 Sep 2004 Paul wrote:
> >
> > DO NOT use manual keying. You should be using the 'ipsec auto' command for
> > bringing up any connections (or use auto=start and just restart the service)
> >
> > What is the authentication method you want to use? you do not specify
> > anything here? I don't see any rsakeys or PSKs or certificate information.
>
> I want to start the most basic connection there is to test if ipsec is
> running etc..
>
> I would like to establish a connection with a simple preshared key,
> so I would have to use manual keying, right?
no.
>
> Maybe there are some basic examples on the net for the following config:
>
> Win2k at 192.168.1.110 establishing a VPN Connection to Suse 9.1 on 192.168.1.220 with a Presharedkey.
>
> Oh btw, please don't think I am using this mailinglist as simple shortcut,... I read tons of howtos, googled for hours on end, but I don't seem to find what I need. Most examples are for older versions, or x.509, or with thousands of hops in between etc..
>
Example for debian GNU/Linux kernel 2.4.26 & openswan 2.1.3.
ipsec.conf:
# PSK connection
conn pskconn
# general options
type=tunnel
keyexchange=ike
pfs=yes
authby=secret
# Left security gateway, subnet behind it, next hop toward right.
left=192.168.2.2
leftsubnet=192.168.0.0/16
# Right security gateway, subnet behind it, next hop toward left.
right=44.33.22.11
rightsubnet=192.168.40.0/24
auto=start
ipsec.secrets:
: PSK "your psk passwd"
-davidc
More information about the Users
mailing list