[Openswan Users] Connect Openswan with Greenbow

Michael Wagner znnac at wagnertech.de
Thu Aug 28 17:05:59 EDT 2008 

Hi list,

I'm a complete newbee to VPN. This is what i like to do:
I want connect my LINUX-Openswan client to a Windows-Greenbow server.

How to configure openswan?
Where should i start to read?

I have a greenbow configuration file with the following data (the concrete
data is omitted)
# Do not edit this file. It is overwritten by VpnConf.
# SIGNATURE SHA = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# Creation Date : 2006-04-26 at 14:20:02
# Written by VpnConf 3.10
#

[General]
Shared-SADB = ...
Retransmits = ...
Exchange-max-time = ...
Default-phase-1-lifetime = ...
Bitblocking = ...
Xauth-interval = ...
DPD-interval = ...
DPD_retrans =...
DPD_wait = ...

[Default-phase-2-lifetime]
LIFE_TYPE = ...
LIFE_DURATION = ...

# ==================== PHASES 1 ====================

[Phase 1]
#> nnn.nnn.nnn.nnn = XXX

[XXX-main-mode]
DOI = IPSEC
EXCHANGE_TYPE = ID_PROT
Transforms = AES128-SHA-GRP1

[XXX-P1]
Phase = 1
Address = ...
Transport = udp
Configuration = XXX-main-mode
Authentication = ...
Xauth = ...
Xpopup = ...
Xuser = "nobody"
Xpasswd = ...
ID = ...
Remote-ID = ...

[XXX-ID]
ID-Type = FQDN
Name = ...

[XXX-REMOTEID]
ID-Type = IPV4_ADDR
Address = ...

# ==================== PHASES 2 ====================

[Phase 2]
Passive-connections = XXX-XXX-P2

[XXX-XXX-P2]
Phase = 2
ISAKMP-peer = XXX-P1
Remote-ID = XXX-remote-addr
Configuration = XXX-quick-mode
AutoStart = ...
USBStart = ...

# ==================== Ipsec ID ====================

[XXX-remote-addr]
ID-type = IPV4_ADDR_SUBNET
Network = ...
Netmask = 255.255.252.0

# ==================== TRANSFORMS ====================

[XXX-quick-mode]
DOI = IPSEC
EXCHANGE_TYPE = QUICK_MODE
Suites = XXX-quick-mode-suite

[XXX-quick-mode-suite]
Protocols = TGBQM-ESP-AES128-SHA-TUN

[TGBQM-ESP-AES128-SHA-TUN]
PROTOCOL_ID = IPSEC_ESP
Transforms = TGBQM-ESP-AES128-SHA-TUN-XF

[TGBQM-ESP-AES128-SHA-TUN-XF]
TRANSFORM_ID = AES128
AUTHENTICATION_ALGORITHM = HMAC_SHA
ENCAPSULATION_MODE = TUNNEL
Life = ...



-- 
Michael J.M. Wagner

More information about the Users mailing list