[Openswan Users] trying to connect OpenSWAN 2.6.19 to a Netgear FVS338
Paul Wouters
paul at xelerance.com
Fri May 15 21:54:00 EDT 2009
On Fri, 15 May 2009, Marcos Hacker wrote:
> Thanks for the information. We ended up having to put the Netgear's
> (right) public certificate on our Linux (left) machine and specify it as
> part of the "rights" parameters . We were expecting messages 5 & 6 to
> contain the certificate.
leftsendcert=always in ipsec.conf or --sendcert as whack paramter.
> ipsec whack --name vpn_tunnel
> --encrypt
> --tunnel
> --ike 3des-md5-modp1024
> --esp 3des-md5
> --compress
> --dpdaction hold
> --ikelifetime 28800
> --rsasig
> --host 130.168.1.3
> --client 172.16.2.3/32
> --nexthop %direct
> --updown "ipsec _updown"
> --sendcert always
> --cert /etc/ipsec.d/clientcert.pem <-- Linux (left)
hmm which is what you have.... Why are you using whack and not ipsec.conf?
run ipsec auto --listall to see if the certificate was send and received
Paul
More information about the Users
mailing list