[Openswan Users] Compatiblity between 2.4.6 and 2.6.14 (fwd)
toby at webtechservices.com.au
Tue Aug 5 19:36:46 EDT 2008
Have you tried removing the left/rightid= lines?
According to the man page under the leftcertrsasig entry: "The value %cert
will load the information required from a certificate defined in %leftcert
and automatically define leftid for you."... which I take to mean that
leftid is only for PSK connections.
----- Original Message -----
From: "John Haskey" <openswan at haskey.com>
To: <users at openswan.org>
Sent: Wednesday, August 06, 2008 6:03 AM
Subject: [Openswan Users] Compatiblity between 2.4.6 and 2.6.14 (fwd)
> (reposted since info following an 'at' sign was truncated)
> I recently installed a Fedora Core 9 system with Openswan 2.6.14. The
> site I was trying to establish a connection to was running 2.4.6. Here's
> the ipsec.conf that we use (with some info redacted):
> version 2.0 # conforms to second version of ipsec.conf specification
> config setup
> conn %default
> conn vpnconnection
> # Left
> # Right
> #Disable Opportunistic Encryption
> include /etc/ipsec.d/examples/no_oe.conf
> (I've removed the external IP address and substituted domain and user for
> the actual values).
> Anyway, this works fine with 2.4.6 but with 2.6.14 we get the 'cannot
> identify ourselves with either end of this connection' message.
> I've since removed 2.6.14, and installed 2.4.6 and things are working but
> I'd really like to be using current code at least on my system, or is
> connecting between disparate versions not recommeded/supported?
> Thanks for any insights!
> John Haskey
> Users at openswan.org
> Building and Integrating Virtual Private Networks with Openswan:
More information about the Users