[Openswan Users] Openswan Linux Client to SonicWall Windows Server.
Bas Driessen
bas.driessen at xobas.com
Wed Sep 27 18:28:44 EDT 2006
On Wed, 2006-09-27 at 16:51 +0200, Paul Wouters wrote:
> On Wed, 27 Sep 2006, Bas Driessen wrote:
>
> > Going through the lists, I found out that DES is not supported by
> > default in OpenSwan, so I have re-compiled the package by setting the
> > USE_WEAKSTUFF?=true flag in the Makefile.inc and also corrected the line
> > to WEAK_DEFS=-DUSE_VERYWEAK_DH1=1 -DUSE_1DES in the Makefile of Pluto.
> > All compiles OK. I know that 3DES is better etc, but this is out of my
> > control. I have to get it to work with the current setup.
>
> You might also need to set USE_BROKEN=yes
>
> 3DES is not "better". 1DES is trivially brute forced. You have no VPN. You
> better make sure your boss knows that, and gets it in writing, so that
> you can blame management for this unwise decision.
>
> > left=%defaultroute
> > leftsubnet=192.168.1.0/24
> > leftid=192.168.1.13
>
> > sonicwall.secrets
> >
> > 192.168.1.13 66.nnn.nnn.nnn : PSK "abcdef"
>
> If your ip is actually 192.168.1.13 you cannot tunnel 192.168.1.0/24.
> you cannot be at two places at once.
>
Thanks Paul, I have changed my leftsubnet as follows:
leftsubnet=192.168.1.13/32
Still same failing results. All I need is to connect from a Linux PC as
a client to a VPN tunnel.
Will try the USE_BROKEN switch now.
Thanks,
Bas.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060928/5969bb76/attachment.html
More information about the Users
mailing list