[Openswan Users] x509 and OpenSWAN
geoffrey
geoffrey at ticom.com
Mon Apr 4 18:06:37 CEST 2005
Is there somewhere that documents all of the x509 stuff (i.e.
configuration options, etc.) for the OpenSWAN v2.x.x series? I have read
Nate Carlson's webpage about using x509 certs and OpenSWAN and have a
decent understanding of what is going on, but somethings are never
explained. For example, what is the meaning of the following:
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
I understand that it is a declaration of virtual private network
segments, but why is it used? How will it affect the routing? On a
related note, what is the meaning of this?
rightsubnet=vhost:%no,%priv
What does the %no mean? I'm guessing the %priv means that the
rightsubnet will fall under one of those previously declared subnets,
yes? If my local subnet is 192.168.100.0/24, do I need to exclude it in
the virtual_private declaration? How would I do so? Thanks for any clues.
geoffrey
--
++++++++++++++++++++++++++
This space intentionally
left non-blank
++++++++++++++++++++++++++
More information about the Users
mailing list