[Openswan Users] Openswan + Fortigate shared key problem

Marcin J. Kowalczyk marcin.kowalczyk at ccig.pl
Sun Sep 28 09:05:35 EDT 2008


Welcome,

 I'm trying to setup connection between Openswan 2.4.12 and fortigate 
VPN.  Only information I received from person who administrates Forti is:

"Remote Peer:  81.xx.xx.66
Inside-Net: 192.168.0.0/255.255.255.0

Pre shared key:
Md5xxxxxxxx


esp-3des esp-md5-hmac


authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400 "

I've tried google for solution, but I could not find any working (for my 
enviroment) solution. My /etc/ipsec.d/forti.config is

conn forti
        type=           tunnel
        authby=         secret
        #RRT
        left=           78.xx.xx.20
        leftsubnet=     192.168.127.0/24
        leftnexthop=    %defaultroute
        #SAA
        right=          81.xx.xx.66
        rightsubnet=    192.168.0.0/255.255.255.0
        esp=            esp-md5-hmac
        ike=            3des-md5-hmac
        keyexchange=    ike
        pfs=            no
        auto=           start
#Disable Opportunistic Encryption
include /etc/ipsec.d/examples/no_oe.conf

in /etc/ipsec.d/forti.secret I've put password I received from VPN 
admin. Can anybody help me with configuration of this connection?

Best Regards,
Marcin




More information about the Users mailing list