[Openswan Users] Is it possible to use transport mode for peer-to-peer connections

Paul Wouters paul at xelerance.com
Wed Nov 19 15:33:14 EST 2008


On Wed, 19 Nov 2008, PVGRaviKumar wrote:

> I am using openswan 2.4.13 with Fedora core4 system. I am facing a
> problem with peer-to-peer connection in transport mode
> 
> Here is my conf file
> conn Remote
>         type=transport
>         authby=secret
>         left=%defaultroute
>         leftid=10.1.1.253
>         leftsubnet=192.168.100.183/24
>         right=192.168.10.173
>         rightid=10.1.1.254
>         rightsubnet=192.168.200.173/24
>         ike=des-md5-modp768
>         auth=esp
>         esp=des-md5
>         pfs=yes
>         pfsgroup=modp768
>         ikelifetime=28800
>         keylife=14400
>         auto=add
> 
> When I tried to add this connection to ipsec daemon, the log message
> displayed was 
> "Added new connection 'Remote' with policy PSK+ENCRYPT+TUNNEL+PFS" -
> which means that connection is added in tunnel mode. 

You have subnet= options for transport mode?

Paul
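
Paul's reply points at the subnet= options in a type=transport conn. As an added example (not part of the original thread and not Openswan code), this Python sketch parses conn sections and reports that combination; the function names and the abridged sample config are constructed for illustration.

```python
import re

# Constructed sample: the conn from the thread (abridged) plus a host-to-host conn.
SAMPLE_CONF = """\
conn Remote
        type=transport
        left=%defaultroute
        leftsubnet=192.168.100.183/24
        right=192.168.10.173
        rightsubnet=192.168.200.173/24
        auto=add

conn HostToHost
        type=transport
        left=%defaultroute
        right=192.168.10.173
        auto=add
"""

def parse_conns(text):
    """Return {conn_name: {key: value}}; also= and conn %default are not resolved."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()   # drop comments and trailing space
        if not line.strip():
            continue
        m = re.match(r"^conn\s+(\S+)$", line)
        if m:
            current = conns.setdefault(m.group(1), {})
        elif line[0] in " \t" and current is not None and "=" in line:
            key, value = line.strip().split("=", 1)
            current[key.strip()] = value.strip()
        else:
            current = None  # some other section (e.g. config setup)
    return conns

def transport_with_subnets(text):
    """Return {conn_name: [subnet keys]} for type=transport conns that set subnets."""
    findings = {}
    for name, opts in parse_conns(text).items():
        if opts.get("type") == "transport":
            keys = sorted(k for k in opts if k in ("leftsubnet", "rightsubnet"))
            if keys:
                findings[name] = keys
    return findings

if __name__ == "__main__":
    for name, keys in transport_with_subnets(SAMPLE_CONF).items():
        print(f"conn {name}: type=transport but sets {', '.join(keys)}")
```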

