[Openswan Users] How to configure this?

Thu Mar 29 00:29:13 EDT 2007

Hi,all:
    I am Jacky, a beginner with openswan2.3.1. Now,I meet a big problem(may be just for me).
    We know that ESP has two services,authentication and encryption. We can chose either or both of them.
    What should I do if I only want ESP's authentication service with transport mode between two hosts? I do not use /etc/ipsec.conf but a scritp to configure openswan.
When I run the following script, it tells me that "--esp" need argument like this "enc_alg-auth_alg-modp".But I just want to only use ESP's authentication service with transport mode. What should I do?

#!/bin/sh
IPSEC_PATH=/usr/local/libexec/ipsec
$IPSEC_PATH/whack --delete --name test
$IPSEC_PATH/whack --name test \
	--host 192.168.12.3  \
	--nexthop 192.168.12.3 --to \
	--host 192.168.12.4 \
	--psk --esp  --ike 3des

Fartherly, how to configure the openswan to use AH's authentication service or ESP's own authentication if I use ESP protocol.

   I will really appreciate your help and reply~~~~~~

   祝  工作顺利 身体健康！ 			
VPN技术部   孙国辉
**********************************
北京天融信（TOPSEC）科技有限公司
地址：北京市海淀区上地东路1号华控大厦
邮编：100080
电话：010－82776580
网址：http://www.topsec.com.cn