[Openswan Users] Virtual interfaces and digital certificates
Hugo Mora
humoib at gmail.com
Mon Apr 4 13:23:32 CEST 2005
Hi all, I need your help.
- I am creating an web interface to manage ipsec connections. Virtual
interfaces limit is set on IPSEC_NUM_IF (now is set to 4), defined on
ipsec_param.h. If my "real" interfaces have some ip addresses,
theorically, users could create a lot of ipsec tunnels, but I don't
know how to reuse
ipsec0=eth0
ipsec1=eth1
ipsec2=eth0:0
ipsec3=eth0:1
ipsec4=eth0:2
ipsec5=eth0:3 ..... And how much??
Setting only "ipsec0=eth0 ipsec1=eth1" doesn't work? Where is my mistake?
- Another question: Do I need the CA certificate on "cacerts/" folder?
I thought that *yes*, but if I delete it, the tunnel still connect...
How the certificates are verifyed?
Thanks a lot!
--
-- Hugo Mora [ humoib @ gmail.com ]
More information about the Users
mailing list