[Openswan Users] Is ti possible to use transport mode for peer-to-peer connections
Paul Wouters
paul at xelerance.com
Wed Nov 19 15:33:14 EST 2008
On Wed, 19 Nov 2008, PVGRaviKumar wrote:
> I am using openswan 2.4.13 with Fedora core4 system. I am facing a
> problem with peer-to-peer connection in transport mode
>
> Here is my conf file
> conn Remote
> type=transport
> authby=secret
> left=%defaultroute
> leftid=10.1.1.253
> leftsubnet=192.168.100.183/24
> right=192.168.10.173
> rightid=10.1.1.254
> rightsubnet=192.168.200.173/24
> ike=des-md5-modp768
> auth=esp
> esp=des-md5
> pfs=yes
> pfsgroup=modp768
> ikelifetime=28800
> keylife=14400
> auto=add
>
> When I tried to add this connection to ipsec daemon, the log message
> displayed was
> "Added new connection 'Remote' with policy PSK+ENCRYPT+TUNNEL+PFS" -
> which means that connection is added in tunnel mode.
You have subnet= options for transport mode?
Paul
More information about the Users
mailing list