[Openswan Users] Linux to Linux ipsec/l2tp server

Paul Wouters paul at xelerance.com
Mon Feb 13 18:04:11 CET 2006


On Mon, 13 Feb 2006, Brett Curtis wrote:

> This will not work using secrets for auth will it? I guess I will look into
> changing to certs if this is the case.
>
> Thanks.
> On Feb 11, 2006, at 9:53 PM, Paul Wouters wrote:
>
> > On Fri, 10 Feb 2006, Brett Curtis wrote:
> >
> > > Is there anyway I can create a straight "road-warrior" type ipsec
> > > connection
> > > for just linux clients and also keep my other settings available for my
> > > windows users?
> >
> > Yes. Just create a new conn and set explicite rightid= and leftid=
> > options, and pluto will be able to distinguish your linux roadwarrior
> > from the l2tp roadwarriors

It should work for authby=secret as well, though using raw RSA keys or
certificates is always better. raw RSA keys is also the most simple solution.
Just run ipsec showhostkey --left (or --right) and put those lines in the
connection definition.

Paul


More information about the Users mailing list