[Openswan Users] Transport mode using certificates

Paul Wouters paul at xelerance.com
Tue Jul 19 10:14:22 EDT 2011


On Tue, 19 Jul 2011, S, Senthilprabu (NSN - IN/Bangalore) wrote:

> I am trying to set up a secured IPsec connection between two Linux machines
> in the same subnet. So it will be based on transport mode using Openswan. I
> was able to establish a connection using a pre-shared key. But I wanted to
> establish transport mode using a self-signed certificate. Can anyone in
> this group tell me whether a transport mode connection using certificates
> (RSA/X.509) is possible using Openswan? If yes, please let me know the
> document or link describing this configuration.

It's not different from tunnel mode. See some of the examples in the source
archive or your distro's "doc" section. On redhat/fedora that might be in the
openswan-doc package, or in the /usr/share/doc/openswan* directory. In the
source you can find examples in testing/pluto/x509*

See also "man ipsec.conf" and look for leftcert= leftsendcert= leftprotoport=

Paul
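
An added illustration, not part of the original reply and not copied from the Openswan source tree: one possible `conn` section for host A that combines `type=transport` with the options named above. The conn name, addresses and certificate file names are constructed placeholders; host B would use the same section with the left/right values swapped.

```conf
# /etc/ipsec.conf on host A (constructed example; names and addresses are placeholders)
conn hostA-hostB-x509
    # Host-to-host protection inside one subnet: no tunnel, no leftsubnet/rightsubnet
    type=transport
    # Authenticate with RSA signatures instead of a pre-shared key
    authby=rsasig

    # Local side
    left=192.0.2.10
    # Certificate file name, looked up in /etc/ipsec.d/certs/
    leftcert=hostA.pem
    # Take the public key and the IKE identity from the certificate
    leftrsasigkey=%cert
    leftid=%fromcert
    # Send our certificate during IKE
    leftsendcert=always

    # Remote side
    right=192.0.2.20
    # Self-signed certificates have no CA to chain to, so the peer's
    # certificate is copied to /etc/ipsec.d/certs/ and pinned here
    rightcert=hostB.pem
    rightrsasigkey=%cert
    rightid=%fromcert

    # Optional: restrict the SA to one protocol/port pair on both ends,
    # for example UDP port 1701
    # leftprotoport=17/1701
    # rightprotoport=17/1701

    auto=start

# The matching private key is referenced from /etc/ipsec.secrets, e.g.:
#   : RSA hostA.key
```

Because the peer certificate is pinned with `rightcert=`, a connection attempt that presents any other self-signed certificate fails authentication. Once the SA is up, `ipsec auto --status` shows the conn and its negotiated mode.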

