[Openswan Users] openswan/smartcard to fw-1 tunnel
Paul Wouters
paul at xelerance.com
Fri Apr 21 19:22:33 CEST 2006
On Fri, 21 Apr 2006, Christian Horn wrote:
> > Are you sure it is the DN that is the issue here? And not perhaps another
> > setting in your conn, such as a missing pfs=no ?
>
> pfs=no was set, after a 'cleanup of old certs and stuff' the FW-1 accepts
> my authorization and i can build up the tunnel.
I guess it had lingering phase-1 connections......
> Other thing is, the SecureRemote-client under windows gets a large
> (>100kb) topology-file here with instructions what networks to route
> to what firewall, i will try to use that xfrm-stuff to set those
> policies with openswan.
That would be cool :) Especially if you know openswan could obtain that
file and 'run' it.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list