[Openswan Users] newbie needs help

gahn ipfreak at yahoo.com
Fri Jan 20 16:28:59 CET 2006


all:

i am new to the openswan thing and need the gurus' help
here.

some engineers want to access the company lab from
remote locations via internet and we have internet
access via regular dsl connection, with fixed ip
address on the dsl router and doing the nat for a
linux box (with suse 9.2 pro loaded). on this linux
box, i am trying to build a vpn server (openswan) so
that remote users can access the lab via the vpn
server (openswan). here are a few questions (maybe
shallow, but please be patient with a newbie):

1) what port(s) does openswan use? (since we are
behind a router with heavy access lists)
2) if no specific ports, should i define them?
3) for the docs:

    left=192.0.2.2                 # Local vitals
    leftsubnet=192.0.2.128/29      #
    leftid=@xy.example.com         #
    leftrsasigkey=0s1LgR7/oUM...   #
    leftnexthop=%defaultroute      # correct in many situations
    right=192.0.2.9                # Remote vitals
    rightsubnet=10.0.0.0/24        #
    rightid=@ab.example.com        #
    rightrsasigkey=0sAQOqH55O...   #
    rightnexthop=%defaultroute     # correct in many situations
    auto=add                       # authorizes but doesn't start

left is the ip address of the interface that is facing
toward the internet?
what is the "leftid"? fqdn for the vpn server?
"leftnexthop"? the box i have has three interfaces and
each one has one network. but it has one default
route which points to the internet. so i don't have to change
this?
4) i did this:

host #: ipsec --version
Linux Openswan U2.2.0/K(no kernel code presently loaded)

does that mean openswan is not loaded?

thanks to y'all

mingo
