[Openswan Users] really basic peer-to-peer setup
Alan McKay
alan.mckay at gmail.com
Fri May 3 20:16:47 UTC 2013
On Fri, May 3, 2013 at 2:20 PM, Simon Deziel <simon at xelerance.com> wrote:
>> ipsec_setup: Warning: ignored obsolete keyword forwardcontrol
>
> This one is more suspect. Can you post your ipsec.conf ?
I can't recall whether or not that one was put there by webmin or not.
I had spent quite a few hours on it myself without webmin but then
after so much trouble I installed webmin and got it involved to see
whether I was doing something really brain dead.
Here is my config - and "left is local". The "interfaces" was added
by webmin I know that much.
# basic configuration
config setup
dumpdir=/var/run/pluto/
forwardcontrol=yes
interfaces="ipsec0=xenbr0"
nat_traversal=yes
oe=off
plutoopts=--perpeerlog
protostack=auto
virtual_private=,%v4:172.16.0.0/24,%v4:172.30.0.0/24
# Use this to log to a file, or disable logging on embedded
systems (like openwrt)
#plutostderrlog=/dev/null
# Add connections here
conn bioinformatics
aggrmode=no
authby=secret
auto=start
compress=no
ike=aes256-sha1;modp1024!
left=10.242.182.88
leftid=10.242.182.88
leftnexthop=10.242.182.1
leftsubnet=172.30.0.0/24
pfs=no
phase2alg=aes256-sha1;modp1024
right=10.246.159.41
rightid=10.246.159.41
rightnexthop=10.246.159.1
rightsubnet=192.168.160.0/24
type=tunnel
--
“Don't eat anything you've ever seen advertised on TV”
- Michael Pollan, author of "In Defense of Food"
More information about the Users
mailing list