[Openswan Users] R: Endian openswan & roadwarrior

Marco Tironi tironi at 8volante.com
Fri Nov 9 08:29:39 EST 2007


> 111.111.111.111 0.0.0.0 : PSK "nodeNKNK"

Try 111.111.111.111 %any : PSK "nodeNKNK"

##### Ok, now works!

Thoug be aware, you must use the same PSK for all roadwarriors.
That's why X.509 certs are better.

##### I know, but PSK are ok for testing the system.

> conn nodeNK
>         left=111.111.111.111
>         leftnexthop=%defaultroute
>         leftsubnet=128.1.0.0/255.255.0.0
>         right=151.37.34.175

Which does not match left= or right= (the IP is used as id if not
leftid/rightid is specified)

Either add leftid/rightid, or better, switch to X.509 certificates.

##### If i don't know the rightid, can I use "0.0.0.0/0" ?? How can I
correctly set the ID ?

##### Thanks again.

##### Marco Tironi 

##### PS: can someone help me setting che Endian Firewall
"/var/efw/vpn/config" ???



More information about the Users mailing list