[Openswan Users] key 2048 bit
Salvatore
sasa at shoponweb.it
Wed Mar 27 14:55:37 UTC 2013
Sergey wrote:
>Not sure, but I think that is impossible. Try PSK.
I've never configured a site-to-site connection using PSK (I use PSK only for the road connection), but I can try to use the PSK but as I set in ipsec.conf file?
conn myhost-fortinet
auto=start
authby=secret
pfs=yes
#sede left myhost
left=151.x.x.x
leftsubnet=172.16.0.0/24
leftnexthop=151.x.x.y
#side fortinet
right=161.x.x.x
rightsubnet=192.168.1.0/24
rightnexthop=161.x.x.y
is correct ?
the PSK is the same on both host (my host and fortinet) ?
in which file should be written PSK? in ipsec.secret ?
Thanks.
-
Salvatore.
More information about the Users
mailing list