[Openswan Users] Sending Configuration Request Payload
Prashant Batra
prashant0100 at gmail.com
Wed Nov 23 01:02:33 EST 2011
I need to configure a local address assigned by them.
On Wed, Nov 23, 2011 at 10:25 AM, Michael H. Warfield <mhw at wittsend.com> wrote:
> On Wed, 2011-11-23 at 08:48 +0530, Prashant Batra wrote:
>> Hi,
>>
>> I am trying to setup a IPSec tunnel(net-net) using openswan with IKEv2
>> as the IKE exchange protocol.
>> My tunnel setup requires an IP assignment to be given by the peer
>> gateway. So openswan should send a CP request payload requesting IP
>> address.
>> But I am not able to send it using my ipsec.conf.
>>
>> conn net-to-net
>> ikev2=yes
>> ike=aes128-md5;modp1024
>> authby=secret
>> left=198.168.68.2
>> leftsubnet=172.16.80.0/24
>> leftsourceip=172.16.80.1 -----> I added this, assuming it will
>> send CP payload requesting this IP address.
>> leftnexthop=%defaultroute
>> right=192.168.101.101
>> rightsubnet=172.16.60.0/24
>> rightnexthop=%defaultroute
>> auto=start
>
>> Could someone point me to the soultion.
>
> THAT sounds like you need to be using XAUTH. The XAUTH extensions allow
> for passing things like local address and routes and name servers. Are
> you saying you need to provide an address to them (xauth server) or that
> you have to configure a local address from them (xauth client)? I've
> only putzed with the client side of that setup with Cisco ASA gateways.
>
>> Thanks,
>> Prashant
>
> Regards,
> Mike
> --
> Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
> /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
>
--
Prashant Batra
Follow the dreams!!
More information about the Users
mailing list