[Openswan Users] LAN Configuration Help
Michael Walker
mwalkersprint at cox.net
Mon Jul 23 22:27:03 EDT 2012
All,
I need to set up Openswan to FORCE all connections in/out of each machine on the LAN to go through a secure connection (ESP). Now I was able to modify the conf and secrets files to allow a point-to-point connection between 2 specific machines, but I wanted to generalize the settings so that ALL incoming and outgoing data across the LAN is encrypted. The idea is to copy/paste the configuration and secrets file to each machine and not have to customize the files on each machine (especially when DHCP may change IP addresses).
So the question is how do I set up the secrets file? I know I can use %any on one end (right), but what about my local side (left)?
Example: 192.168.1.1 %any: "mysupersecret" becomes?
And here is what I thought would work for the configuration...but no luck.
conn allInOut
    authby=secret
    left=%defaultroute
    right=%any
    auto=start
    phase2=esp
    phase2alg="aes256-sha1;modp1024"
Is there a way to make this work?
Thanks All,
Mike