[Openswan Users] need some help to configure openswan on net to net

Paul Wouters paul at xelerance.com
Fri Sep 11 11:42:04 EDT 2009


On Fri, 11 Sep 2009, reza wrote:

> OK, I have found how to create the file using urandom.

You have now generated a key that is not suitable as a long term key.
There is a very VALID reason why openswan did not use urandom for that.
Trying to modify cryptographic code without understanding it is an
extremely unwise course of action to take.

> Now it seems that the tunnel doesn't establish (on client) :
>
> Sep 11 17:31:39 octi pluto[15559]: "zola-octi" #9: the peer proposed: 192.168.2.0/24:0/0 -> 192.168.2.0/24:0/0

As I said before, you cannot have the same subnet on both ends. Where should a packet for 192.168.2.1
go to? To machine A with 192.168.2.1 or to machine B with 192.168.2.1?

Paul
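
Added example, not part of the original message and not Openswan code: a small check that scans pluto log lines for "the peer proposed" selectors and flags connections whose two subnets overlap, the condition described in the reply above. It also covers the partial-overlap case. The regex is an assumption based on the single log line quoted in the thread, and every sample line except the first is constructed.

```python
import ipaddress
import re

# Selector pair in pluto's "the peer proposed" line, in the form quoted in the
# thread: <subnet>:<proto>/<port> -> <subnet>:<proto>/<port>
# (pattern is an assumption derived from that one line).
PROPOSED = re.compile(
    r'"(?P<conn>[^"]+)" #\d+: the peer proposed: '
    r'(?P<a>[0-9a-fA-F.:]+/\d+):\d+/\d+ -> (?P<b>[0-9a-fA-F.:]+/\d+):\d+/\d+'
)

def overlapping_proposals(log_lines):
    """Return (conn, net_a, net_b) for each proposal whose two sides overlap."""
    findings = []
    for line in log_lines:
        m = PROPOSED.search(line)
        if not m:
            continue  # not a proposal line
        a = ipaddress.ip_network(m.group("a"), strict=False)
        b = ipaddress.ip_network(m.group("b"), strict=False)
        # overlaps() raises TypeError on mixed IPv4/IPv6, so compare versions first.
        if a.version == b.version and a.overlaps(b):
            findings.append((m.group("conn"), str(a), str(b)))
    return findings

SAMPLE = [
    # Line quoted in the thread: identical subnet on both ends.
    'Sep 11 17:31:39 octi pluto[15559]: "zola-octi" #9: the peer proposed: '
    '192.168.2.0/24:0/0 -> 192.168.2.0/24:0/0',
    # Constructed: distinct subnets, routable through the tunnel.
    'Sep 11 17:40:02 octi pluto[15559]: "site-a-b" #3: the peer proposed: '
    '192.168.1.0/24:0/0 -> 192.168.2.0/24:0/0',
    # Constructed: one side contains the other, still ambiguous.
    'Sep 11 17:41:10 octi pluto[15559]: "site-c-d" #4: the peer proposed: '
    '10.0.0.0/8:0/0 -> 10.20.30.0/24:0/0',
    # Constructed: unrelated log line, ignored.
    'Sep 11 17:42:00 octi pluto[15559]: "site-a-b" #3: IPsec SA established',
]

if __name__ == "__main__":
    for conn, a, b in overlapping_proposals(SAMPLE):
        print(f"{conn}: {a} overlaps {b}; packets for the shared range are ambiguous")
```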

