[Openswan Users] Does openswan 2.6.X or 2.4.x support AH only ?

顏宏愷 yhkai at cht.com.tw
Fri Sep 25 05:53:21 EDT 2009


Thanks Paul.
I have tried openswan 2.6.22 with AH only (phase2=ah) for simple net-to-net connection, but never work.
Here is my config, using preshared key and tunnel mode
 authby=secret
 type =tunnel
  phase2=ah
 left= 10.x.x.x
left.subnet=192.168.2.x
leftid=@left
right=10.x.x.x
righted=@right 
rightsubnet=192.168.1.x
on my test, both sides are installed openswan 2.6.22 and has the same ipsec.conf.
As you said phase2=ah should work, why my test not working?
Do you ever make similar testing?  Any suggestion is appreciated.
Thanks 

jimmy
-----Original Message-----
From: 顏宏愷 
Sent: Thursday, September 24, 2009 5:35 PM
To: 顏宏愷; 'users at openswan.org'
Subject: Does openswan 2.6.X or 2.4.x support AH only ? 

Thanks Paul for your speedy reply for the last mail.
Now I have another question about  AH -only
From manpage of ipsec.conf, it say I can set phase2=ah for AH-only.
I have tried it but not succeed.
Does openswan 2.6.x or 2.4.x support  AH-only?
  If  yes, what parameters should I set in my ipsec.conf?

Thanks lot
jimmy
-----Original Message-----
From: 顏宏愷 
Sent: Wednesday, September 23, 2009 5:06 PM
To: 'users at openswan.org'
Subject: Does openswan 2.6.22 support ESP without authentication data? 


Hi, everyone.
From my understanding for ipsec protocol, the ESP can optionally have authentication data or not. My question is :
Does openswan 2.6.22 support  ESP without  authentication data?
If  yes, what parameters should I set in my ipsec.conf?
Thanks in advance

Gimmy yen


More information about the Users mailing list