[Openswan Users] initial Main Mode message received on X:500 but no connection has been authorized
brian at systemix.com
Wed May 14 14:42:50 EDT 2008
I bought the book and that helped a lot. But there is definitely some
Man ipsec.conf returns a ton of information about what each
configuration directive does, but not much about how they interact.
The real hard part, for me anyway, is that when something doesn't work
it's not at all clear why. I suppose if you're a dyed in the wool
ipsec fanatic it's all obvious. But for someone who focuses on other
things, it's can be rough going sometimes to get this stuff working.
But when it does work, it's great!
On May 14, 2008, at 2:30 PM, Paul Wouters wrote:
> On Wed, 14 May 2008, Thomas Novin wrote:
>>> Yes. IPsec is harder to setup then Openvpn. But if offers more and
>>> scales much better,
>>> neither of which will matter much to a 1-3 user system.
>> I've worked with lots of IPsec solutions (hardware based) but I don't
>> think I've come across anything so hard to configure as Openswan.
>> It's a
>> shame because you can do virtually anything with it, if you just know
>> how to.
> It is not that hard. It is in my experience much easier to use then
> any hardware webgui interface, which tend to look like snmp-via-html
> man ipsec.conf has a LOT of information. testing/pluto/* has a few
> hundred testcases with configuration examples. And the most used
> cases can be found in /etc/ipsec.d/examples/
> The "left" and "right" syntax might need getting used to, but you can
> read is as "local" and "remote" if you want.
> Building and integrating Virtual Private Networks with Openswan:
> Users at openswan.org
> Building and Integrating Virtual Private Networks with Openswan:
More information about the Users