[Openswan Users] need some help to configure openswan on net to net

Paul Wouters paul at xelerance.com
Fri Sep 11 09:18:55 EDT 2009

On Fri, 11 Sep 2009, reza wrote:

> I’m trying to configure two linux server on net-to-net ipsec. Each server has the same subnet :

You cannot connect those. A subnet can only live at one place.

> I tried to use the newhostkey without any success. The tool stay blocked to “Wait Pid”.

It needs entropy/randomness to generate the key. If your device is some embedded device,
then generate the key on another machine and copy the secrets file onto the embedded

> So I’d like to create key and cert file on Linux A to permit to Linux B to establish the tunnel.
> Do you have an exemple of configuration to do that please ?

I would not use X.09 for linux-linux connections. But you can find configuration
examples in /etc/ipsec.d/examples/


More information about the Users mailing list