[Openswan Users] some questions about openswan 2.4.*

Paul Wouters paul at xelerance.com
Thu Nov 12 09:23:53 EST 2009

On Thu, 12 Nov 2009, 顏宏愷 wrote:

> There I have some questions about openswan, please help to answer
> 1.       Does openswan has any command can check what conn entry in ipsec.conf has been added after ipsec has been started by setup –start ?

ipsec auto --status

> 2.       Does openswan has commands just like ipsec-tools setkey for checking SDB and SPD in linux kernel?

ip xfrm pol
ip xfrm state

> 3.       how to set ipsec.conf and ipsec.secrets to support  both pre-shared key and certificates at the same time?

Add two conns. There is (was?) the old syntax of authby=secret|rsasigkey but I'm not sure if that's still
really supported.


More information about the Users mailing list