[Openswan Users] Config file Question.
Magnus Holmberg
magnus.holmberg at pepto.se
Wed Feb 18 14:16:23 EST 2009
I like to setup a vpn connection to another server and recieved the
information that it should be setup like:
Encryption method: IKE
Transforms: ESP
IKE Phase1:
Encryption algorithm: AES
Hash method: SHA1
Diffie-Hellman group: 2 (1024 bits)
IKE key lifetime: 28800sec
IKE Phase2:
Encryption algorithm: AES
Hash method: SHA1
Diffie-Hellman group: 2 (1024 bits)
IPsec key lifetime: 3600sec
Aggressive mode: disabled
Can someone help me with the config here.
IE i wounder what the esp= and ike should be set to.
Is this correct:
conn VPN
authby=secret
auto=start
rekey =yes
left=x.x.x.x
leftsubnet=x.x.x.x.192/28
auth = esp
keyexchange=ike
ikelifetime=28800s
keylife=3600s
right=y.y.y.y
rightsubnet=y.y.y/29
ike=aes256-sha1-modp1024
esp=aes256-sha1-modp1024
dpddelay=3
dpdtimeout=120
dpdaction=restart
aggrmode=no
More information about the Users
mailing list