[Openswan Users] single ip not a subnet for leftsubnet
nemus at grayhatlabs.com
Wed Apr 4 16:54:42 EDT 2012
I am trying to set up an IPsec tunnel with a third party.
The third party specifies two single IP addresses, not subnet ranges, in their
IPsec configuration interface.
How would I specify a single IP address using Openswan for the NETKEY
routing?
This is something I cannot budge on.
I tried this but it doesn't seem to work.

    leftsubnet = x.x.x.x1/32

# /etc/ipsec.conf - Openswan IPsec configuration file
#
# Manual: ipsec.conf.5
#
# Please place your own config files in /etc/ipsec.d/ ending in .conf

version 2.0 # conforms to second version of ipsec.conf specification

# basic configuration
config setup
    # Debug-logging controls: "none" for (almost) none, "all" for lots.
    # klipsdebug=none
    plutodebug="control parsing"
    # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
    protostack=netkey
    nat_traversal=no
    virtual_private=
    oe=off
    # Enable this if you see "failed to find any available worker"
    nhelpers=0

conn test-a
    type=tunnel
    authby = secret
    left = x.x.x.x1
    leftid = x.x.x.x1
    leftsubnet = x.x.x.x1/32
    leftsourceip = x.x.x.x1
    leftnexthop=%defaultroute
    right= x.x.x.x2
    rightid =x.x.x.x2
    rightsubnets= {x.x.x.x6/32,x.x.x.x5/32}
    esp=aes-256-sha1
    keyexchange = ike
    pfs = no
    auto = start
    lifetime=86400s