[Openswan Users] Progress, but still no tunnel
geoffrey
geoffrey at ticom.com
Wed Apr 6 17:24:48 CEST 2005
First of all, thank you, Jacco for Monday's pointer to the NAT-T
documentation. I now understand what those declarations mean and the
purposes they serve.
Unfortunately, I'm still not getting a tunnel up and running. Obviously
I would like to use x.509 certs to authenticate my tunnels with the
hopes of providing support to WinXP laptops in the future. From what I
have seen, using certs seems to be the most flexible means for managing
OpenSWAN connections. Anyway, I know some versions of OpenSWAN have not
played nicely with 2048 bit keys. Does this limit apply to the CA key
used to sign your end certificates as well? I have done a barf of both
ends of my attempt at connecting a Gentoo laptop to a Gentoo gateway -
both running OpenSWAN v2.3.0 with NETKEY support on 2.6.1[0|1] kernels.
So, would someone be willing to look over my barf (so to speak) and clue
me into what is wrong? It's here:
http://www.woogieworld.net/openswan-tunnel.html
The top part is the gateway/host (fenetre) and the bottom section is the
laptop (aphasia).
Thanks all.
geoffrey
--
++++++++++++++++++++++++++
This space intentionally
left non-blank
++++++++++++++++++++++++++
More information about the Users
mailing list