[Openswan Users] need some help to configure openswan on net to net
Paul Wouters
paul at xelerance.com
Fri Sep 11 09:18:55 EDT 2009
On Fri, 11 Sep 2009, reza wrote:
> I’m trying to configure two linux server on net-to-net ipsec. Each server has the same subnet :
> 192.168.2.0/24
You cannot connect those. A subnet can only live at one place.
> I tried to use the newhostkey without any success. The tool stay blocked to “Wait Pid”.
It needs entropy/randomness to generate the key. If your device is some embedded device,
then generate the key on another machine and copy the secrets file onto the embedded
device.
> So I’d like to create key and cert file on Linux A to permit to Linux B to establish the tunnel.
> Do you have an exemple of configuration to do that please ?
I would not use X.09 for linux-linux connections. But you can find configuration
examples in /etc/ipsec.d/examples/
Paul
More information about the Users
mailing list