[Openswan Users] no default routes
Chris McKeever
techjedi at gmail.com
Mon Sep 20 19:32:42 CEST 2004
On Mon, 20 Sep 2004 22:48:12 +0200 (MET DST), Paul Wouters
<paul at xelerance.com> wrote:
> On Mon, 20 Sep 2004, Chris McKeever wrote:
>
> >> You did not define authby=secret, so openswan is using rsa.
> >>
> >
> > where is authby defined?? Is there a good howto regarding it (I
> > unfortunately have not found any definitive howto) openswan does
> > complain when I dont have the right PSK in the ipsec.secrets file --
>
> See 'man ipsec.conf'
>
> >> SSH sentinal wants to use PSK's, but you didn't tell openswan to
> >> use PSK, so it is using rsa and rejects this connection.
> >>
> >
> > Is there any howto on conifugring openswan with PSK v. RSA?
>
> Just add authby=secret to the conn definition.
>
> But as I said, your current "tunnel" cannot work because the
> gateway is in the network you want to tunnel.
>
> Paul
>
The following ipsec.conf allows for a connection..I can ping both
sides of the openswan machine (192.168.250.1/192.168.0.13) - but that
is about it, I cant ping anything else on the 192.168.0.0 network)
I am going to assume that this is caused by your statement right
above..so, is there anyway I can make this connection work as I am
trying?
config setup
interfaces="ipsec0=eth1"
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
plutowait=no
uniqueids=yes
conn %default
keyingtries=0
conn statis
left=192.168.250.1
leftsubnet=192.168.0.0/24
leftnexthop=%direct
right=%any
#rightsubnet=192.168.200.0/24
#rightnexthop=192.168.250.1
compress=no
auto=add
ike=aes,3des
esp=aes,3des
More information about the Users
mailing list