[Openswan Users] Noob trying basic net-to-net to IPCOP
cjdl01 at brokensolstice.com
Thu Apr 28 19:35:21 EDT 2011
I am totally new to this IPSEC thing. I have done some reading, but I
still don't have a good grasp on everything yet. I figure, once I get
one of these to work, things will start to solidify.
For starters, I'm trying to make a basic net-to-net connection to an
IPCOP firewall. However, I'm finding some issues there.
My left box, is a Debian Squeeze box with openswan 1:2.6.28+dfsg-5.
My right box is the latest version of IPCOP which reports having
Openswan 1.0.10 (from ipsec --version).
I'm trying to follow the most basic tutorial on the openswan wiki, but
I find two problems:
1) the ipcop machine, when I issue ipsec verify, fails on
/etc/ipsec.secrets saying "ipsec showhostkey: no default key in
"/etc/ipsec.secrets", and again on "Looking for forward key for
2) (not unrelated, I'm sure) when I issue ipsec showhostkey --right,
it gives me the same error: "ipsec showhostkey: no default key in
I did make a host key using the vpn tab. I made a net-to-net
connection with a certificate, and I created a root certificate and a
I need to connect to an IPCOP machine, so I'm stuck there. I didn't
think there would be a problem because it uses OpenSwan, but clearly
I'm missing something major here, and I cannot find any help on the
Can someone please illuminate this noob?
More information about the Users