[Openswan Users] Hello world..:)

Paul Wouters paul at xelerance.com
Tue Jan 31 16:18:34 CET 2006

On Tue, 31 Jan 2006, acidburn at vivonet.lv wrote:

> Hi, I'm a total newbie in IPSec and ISKMP things.
> So.. I have OpenSwan installed on Gentoo.
> I need to make a tunnel to a mobile operator.
> The operator sent me the needed requirements for customer's IPSec/IKE software (given in terms of according RFC's)
> Could You please help me to generate the ipsec.conf for these parameters?
> ISAKMP SA Main Mode            ON
> ISAKMP SA Aggressive Mode      OFF
> ISAKMP SA Authentication       PRESHARED SECRET
> ISAKMP SA Cypher               3DES CBC
> ISAKMP SA Hash function        MD5
> ISAKMP SA Diffie Hellman group 2
> ISAKMP SA SA lifetime (hours)  4
> IPSec SA encryption/authenti   ESP
> IPSec SA Mode                  QUICK
> IPSec SA Cypher                3DES CBC
> IPSec SA Hash Function         MD5
> IPSec SA Perfect Forward Secrecy OFF
> IPSec SA Lifetime (hours)      1

That should all work in standard settings. the only specific things you need is:


More information about the Users mailing list