[Openswan Users] need some help to configure openswan on net to net
reza
issanyr at olympecti.fr
Fri Sep 11 09:34:55 EDT 2009
What is entropy/randomness?
I have a lot of Linux servers, but I don't know on which one I can generate the file.
azer.
-----Original Message-----
From: Paul Wouters [mailto:paul at xelerance.com]
Sent: Friday, September 11, 2009 15:19
To: reza
Cc: users at openswan.org
Subject: Re: [Openswan Users] need some help to configure openswan on net to net
On Fri, 11 Sep 2009, reza wrote:
> I’m trying to configure two Linux servers on net-to-net IPsec. Each server has the same subnet:
> 192.168.2.0/24
You cannot connect those. A subnet can only live at one place.
> I tried to use the newhostkey without any success. The tool stays blocked at “Wait Pid”.
It needs entropy/randomness to generate the key. If your device is some embedded device,
then generate the key on another machine and copy the secrets file onto the embedded
device.
> So I’d like to create a key and cert file on Linux A to permit Linux B to establish the tunnel.
> Do you have an example of configuration to do that please?
I would not use X.509 for Linux-Linux connections. But you can find configuration
examples in /etc/ipsec.d/examples/
Paul