[Openswan Users] Openswan + Fortigate shared key problem
Paul Wouters
paul at xelerance.com
Sun Sep 28 10:55:24 EDT 2008
On Sun, 28 Sep 2008, Marcin J. Kowalczyk wrote:
> I'm trying to setup connection between Openswan 2.4.12 and fortigate
> VPN. Only information I received from person who administrates Forti is:
>
> "Remote Peer: 81.xx.xx.66
> Inside-Net: 192.168.0.0/255.255.255.0
> Pre shared key:
> esp-3des esp-md5-hmac
> authentication pre-share
> encryption 3des
> hash md5
> group 2
> lifetime 86400 "
> conn forti
> type= tunnel
> authby= secret
> #RRT
> left= 78.xx.xx.20
> leftsubnet= 192.168.127.0/24
Does the other admin have this subnet defined for you?
> leftnexthop= %defaultroute
> #SAA
> right= 81.xx.xx.66
> rightsubnet= 192.168.0.0/255.255.255.0
> esp= esp-md5-hmac
esp=3des-md5
> ike= 3des-md5-hmac
ike=3des-md5
> keyexchange= ike
> pfs= no
> auto= start
> #Disable Opportunistic Encryption
> include /etc/ipsec.d/examples/no_oe.conf
>
> in /etc/ipsec.d/forti.secret I've put password I received from VPN
> admin. Can anybody help me with configuration of this connection?
If this does not work, you should show the logs so we can see
the problem. Or even better, have them connect to you and show
the problem because then you receive their proposal and you can
match it.
Paul
More information about the Users
mailing list