[Openswan Users] FW:Which modules/versions do I need?
Paul Wouters
paul at xelerance.com
Wed Apr 11 23:46:35 EDT 2007
On Wed, 11 Apr 2007, Chris Bartram wrote:
> >> grep: /etc/ipsec.conf: No such file or directory
> >> cat: /etc/ipsec.conf: No such file or directory
> >
> > Seems you have no config file??
>
> Hadn't gotten that far; I did just begin setting it up though. I want to
> allow two configs;
Normally openswan installs stub config files. They have one important feature,
which is to include /etc/ipsec.d/examples/no_oe.conf. They also provide the
standard "config setup" section, where you will have to enable NAT-T.
> 1) roadwarrior on XP SP2 boxes (using windows built-in vpn) using certs and
> authenticating using my Win2003 domain controller
>
> 2) a remote peer network (also using certs) -using a commercial firewall
> that does support connections to Openswan (don't recall the name or OS at
> the moment though)
Should work.
> conn l2tp-X.509
> right=%any
> rightca=%same
> rightrsasigkey=%cert
> rightprotoport=17/1701
> rightsubnet=vhost:%priv,%no
You might need rightprotoport=17/%any to support OSX (and perhaps Windows Vista)
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list