[Openswan Users] Nesting configs
Larry Brown
larry.brown at dimensionnetworks.com
Thu Jul 15 09:24:21 EDT 2010
Thanks Michael. You guys rock!
On Thu, 2010-07-15 at 09:05 -0400, Michael Smith wrote:
> Larry Brown wrote:
>
> > ipsec.conf:
> > ---------------------------------------------
> > version 2.0
> >
> > config setup
> >
> > nat_traversal=yes
> > oe=off
> > vitual_private=%v4:192.168.0.0/24,%v4:!172.16.0.0/24
> > protostack=netkey
> >
> > include /etc/ipsec.d/include/ipsec.*.conf
>
> That's OK.
>
> > -----------------------------------------------
> > conn r101
> >
> > include leftSide
>
> You can't include from inside a connection block. What you might want to
> do is create a file, zz99leftside.conf, with "conn leftside" containing
> the items you need. Then refer to it with "also=leftside" in your other
> connections.
>
> The file has to be included after all the other files so they can
> reference it with "also" - since "*" matches in alphabetical order, the
> zz99 takes care of that.
>
> Mike
--
Larry Brown <larry.brown at dimensionnetworks.com>
More information about the Users
mailing list