[Openswan Users] A working example of use of X.509 certificates, Linux -- Windows XP

Paul Wouters paul at xelerance.com
Thu Jun 16 16:35:56 CEST 2005

On Thu, 16 Jun 2005, Miguel Dilaj wrote:

> The "final" certs were created in the same box, but as you suggested, on
> Linux using dual booting (the time and timezone should be the same anyway).

windows messes things up with daylight savings and all.

>>> I'm not sure if the line
>>> 	interfaces="ipsec0=eth0"
>>> is required, but it works...
>> No. in fact when using netkey on linux 2.6, it is best left at
> "%defaultroute"
> OK, but I've 2 interfaces on the VPN box.
> I _guess_ that I should use:
> 	interfaces=a.a.a.a

no, with netkey, use interfaces="%defaultroute". Only klips really needs to
know the interfaces to bind the ipsecX interfaces to. Netkey does not support
or need that.


More information about the Users mailing list