[Openswan Users] Does openswan 2.6.X or 2.4.x support AH only ?
顏宏愷
yhkai at cht.com.tw
Fri Sep 25 05:53:21 EDT 2009
Thanks Paul.
I have tried openswan 2.6.22 with AH only (phase2=ah) for simple net-to-net connection, but never work.
Here is my config, using preshared key and tunnel mode
authby=secret
type =tunnel
phase2=ah
left= 10.x.x.x
left.subnet=192.168.2.x
leftid=@left
right=10.x.x.x
righted=@right
rightsubnet=192.168.1.x
on my test, both sides are installed openswan 2.6.22 and has the same ipsec.conf.
As you said phase2=ah should work, why my test not working?
Do you ever make similar testing? Any suggestion is appreciated.
Thanks
jimmy
-----Original Message-----
From: 顏宏愷
Sent: Thursday, September 24, 2009 5:35 PM
To: 顏宏愷; 'users at openswan.org'
Subject: Does openswan 2.6.X or 2.4.x support AH only ?
Thanks Paul for your speedy reply for the last mail.
Now I have another question about AH -only
From manpage of ipsec.conf, it say I can set phase2=ah for AH-only.
I have tried it but not succeed.
Does openswan 2.6.x or 2.4.x support AH-only?
If yes, what parameters should I set in my ipsec.conf?
Thanks lot
jimmy
-----Original Message-----
From: 顏宏愷
Sent: Wednesday, September 23, 2009 5:06 PM
To: 'users at openswan.org'
Subject: Does openswan 2.6.22 support ESP without authentication data?
Hi, everyone.
From my understanding for ipsec protocol, the ESP can optionally have authentication data or not. My question is :
Does openswan 2.6.22 support ESP without authentication data?
If yes, what parameters should I set in my ipsec.conf?
Thanks in advance
Gimmy yen
More information about the Users
mailing list