[Openswan Users] Help for configuration
steve.morard at epfl.ch
steve.morard at epfl.ch
Tue Apr 24 07:39:32 EDT 2007
Hello,
Thank you for your quick answer to my question. I'll clarify what my situation
is.
I'm in a private network with a pole of adresses 172.18.112.0/20 and with a
public address X and my address in this private network being Z. What I need to
do, is to establish a VPN with a gateway which has public address Y and in the
LAN a private address 172.20.211.45 (172.20.211.43/29).
I got a pole of addresses: 172.25.8.8/29 and the pre-shared secret.
I consider that I'm the left part of the VPN.
So here is my configuration:
I entered in ipsec.secret:
Z Y : PSK "secret"
I'm not sure whether I have to put the public address of my LAN or if I should
put my private address Z.
Then the content of ipsec.conf is:
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
# Debug-logging controls: "none" for (almost) none, "all" for lots.
# klipsdebug=all
# plutodebug=dns
# Add connections here.
# sample VPN connection
conn sample
# Left security gateway, subnet behind it, next hop toward right.
left=172.25.8.8
leftsubnet=172.25.8.8/29
#leftnexthop=%defaultroute
# Right security gateway, subnet behind it, next hop toward left.
right=Y
rightsubnet=172.20.211.43/29
#rightnexthop=%defaultroute
keyexchange=ike
authby=secret
# To authorize this connection, but not actually start it, at startup,
# uncomment this.
#auto=start
I'll only have access tomorrow to the remote gateway, but I'd like to know if
you see something wrong in my configuration, before I test it.
Thank you for you help
More information about the Users
mailing list