[Openswan Users] Re: Openswan <-> Watchguard Firebox

Lenon Kitchens lenon at sanctuary.org
Sun Nov 20 02:53:51 CET 2005


On Sunday 20 November 2005 12:58 am, Paul Wouters wrote:

> Did you have aggrmode=yes? I did not see that in your connection
> configuration.

Yes, sorry, I should have posted that change to my configuration.  That's how 
I got over my first issue.  Let me just post my config again.

I know that several of the options I have listed in my connection aren't 
needed, but I've been trying everything to get this connected.

Thanks,
  Lenon Kitchens

version 2.0 # conforms to second version of ipsec.conf specification

# basic configuration
config setup
    interfaces="%defaultroute

conn MyCompany
    ike=3des-md5-modp1024
    aggrmode=yes
    auth=esp
    authby=secret
    right=<Watchguard IP>
    rightnexthop=<Watchguard gateway>
    rightsubnet=10.0.0/24
    left=192.168.1.103
    leftnexthop=192.168.1.1
    leftsubnet=192.168.1/24
    auto=add
    pfs=no
    keylife=10h

#Disable Opportunistic Encryption
include /etc/ipsec/ipsec.d/examples/no_oe.conf


More information about the Users mailing list