[Openswan Users] Just two questions
paul at xelerance.com
Wed Mar 23 21:30:06 CET 2005
On Wed, 23 Mar 2005, Hugo Mora wrote:
> - I've seen in some appliance products (like astaro) that the user can
> select: encryption algorithm, authentication algorithm, IKE DH Group
> (for ISAKMP phase). How can I set these algorithms with Openswan? I
> cant see that parameters on ipsec.conf documentation...
> I would like to use automatic keying.
see the options for:
> - If I create one secondary IP on an interface (with iproute), I can't
> create an IPSEC connection with this new IP. The error reported is "We
> cannot identify ourselves with either end of this connection". I think
> ipsec only see the first address. Why I can do that? Is so strange to
> do it?
Currently, onlt the old 'ip aliases' are supported, so if you use
'ifconfig eth0:2 a.b.c.d', then Pluto will recognise them.
As time passes hardware approaches the effectiveness of a rock and
the reliability of a crack addict.
--- Naubert's law
More information about the Users