[Openswan Users] How to make a net-to-net connetion with x.509?
Paul Wouters
paul at xelerance.com
Thu Mar 26 14:52:16 EDT 2009
On Thu, 26 Mar 2009, shawnlau wrote:
> When I try to connect two network with x.509 authentication way, there
> always occur an error like below:
>
> 003 "n-n" #3: ignoring informational payload, type INVALID_ID_INFORMATION
> msgid=00000000
> conn n-n
> left=10.255.255.8
> leftsubnet=192.168.100.0/24
> leftcert=left.pem
> right=172.16.255.7
> rightsubnet=192.168.200.0/24
Add leftid=%fromcert
> conn n-n
> left=10.255.255.8
> leftsubnet=192.168.100.0/24
> leftcert=left.pem
> right=172.16.255.7
> rightsubnet=192.168.200.0/24
> rightcert=right.pem
add rightid=%fromcert
> And I add this line ( : RSA /etc/ipsec.d/private/right.key “passwd”) to
> my right server’s ipsec.secret file, not add this in left server.
That's right.
> My openswan version is : openswan-2.6.14-1.el5_2.1
upgrade to 2.6.20.
Paul
More information about the Users
mailing list