[Openswan Users] Openswan in transport mode

naveen kumar naveen_mamindla at yahoo.co.in
Fri May 26 16:49:43 CEST 2006 

Hi Karthik ,

Try with the below configuration...

conn net-to-net
         type=transport
         left=the source ip   
         #leftid=i have given the source ip itself
gain here.Is that
 wrong or what ip should i give ?? should domain name
 be given ???      
         #leftnexthop= I have given the right ip ie.
 the destination ip.
 Is it right ???        
         right= The destination ip.     
         #rightid= Have given the right ip here .
         #rightnexthop=  I gave the source ip here ie
 the left ip.
         auth=esp
         esp=3des-sha1
         authby=secret
         pfs=no
         auto=start     


NOTE : PFS should be same on both ends.
       in ipsec.secrets mention ipaddress
              

Regards
Naveen







--- karthik.ramanathan at wipro.com wrote:

> 
> 
> Hi,
> 
> I am implementing IPsec using openswan in snapgear
> embedded linux ,i am
> configuring IPsec  in transport mode and want to
> establish a IPsec
> connection between the windowsXP and the embedded
> linux machine where
> IPsec is configured.In windows XP machine IPsec is
> configured using
> secpol.msc.
> 
> I am not able to establish a IPsec connection
> between the two
> machines.This is the ipsec.conf i am using it in the
> embedded linux
> machine.
> 
> config setup
>         klipsdebug=yes
>         plutodebug=yes
>         pluto=yes
> 
> conn net-to-net
>         type=transport
>         left=the source ip   
>         leftid=i have given the source ip itself
> again here.Is that
> wrong or what ip should i give ?? should domain name
> be given ???      
>         leftnexthop= I have given the right ip ie.
> the destination ip.
> Is it right ???        
>         right= The destination ip.     
>         rightid= Have given the right ip here .
>         rightnexthop=  I gave the source ip here ie
> the left ip.
>         auth=esp
>         esp=3des-sha1
>         authby=secret
>         pfs=no
>         auto=start                     
> 
> Please tell me what changes or modifications i have
> to do in the
> ipsec.conf file and make  the connection establish
> between the windows
> XP machine and the openswan machine.
> 
> Thanks and Regards
> Karthik
> 
> 
> 
> 
> The information contained in this electronic message
> and any attachments to this message are intended for
> the exclusive use of the addressee(s) and may
> contain proprietary, confidential or privileged
> information. If you are not the intended recipient,
> you should not disseminate, distribute or copy this
> e-mail. Please notify the sender immediately and
> destroy all copies of this message and any
> attachments.
> 
> WARNING: Computer viruses can be transmitted via
> email. The recipient should check this email and any
> attachments for the presence of viruses. The company
> accepts no liability for any damage caused by any
> virus transmitted by this email.
> 
> www.wipro.com>
_______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks
> with Openswan: 
>
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> 


Send instant messages to your online friends http://in.messenger.yahoo.com

More information about the Users mailing list