[Openswan Users] Forward of moderated message

Mon Jan 24 01:08:21 CET 2005

>
> 9) If you have successfully connected client freeswan/openswan
> with Netscreen 5GT can you send me right config file for freeswan ?
>

version 2.0     # conforms to second version of ipsec.conf specification

# basic configuration
config setup
        interfaces=%defaultroute
        klipsdebug=none
        plutodebug=none
        uniqueids=yes


# defaults for subsequent connection descriptions
conn %default
        keyingtries=3
        authby=rsasig

conn netscreen
        auto=start
        authby=secret
        pfs=yes
        keylife=3600
        left=<MyIpAddress>
        leftsourceip=<my inside addres of the Firewall> #to allow it to \
        access the remote network
        leftnexthop=<gateway address>
        leftsubnet=<MySubnet>
        right=<Remote Addres>
        rightsubnet=<RemoteSubnet>


> 10) Windows client work properly with Netscreen.
> I use aggressive mode and psk and seed.
>
> I know that freeswan do not support
> aggressive mode and i can reconfigure nestcreen for main mode
>
> 11) If it is interesting for you i can
> give public address of Netscreen device and him config.
>
> Thank you.