[Openswan Users] OpenSwan compatible with other ipsec software?

Michael Schwartzkopff ms at sys4.de
Tue Dec 2 09:49:41 EST 2014


Am Dienstag, 2. Dezember 2014, 14:37:24 schrieb Denny Bortfeldt:
> Hello everyone,
> 
> I've got a little question about openswan.
> There are "left"- and "right"-settings you've to set in the
> openswan-configuration. E.g.: left=4.3.2.1
> leftsubnet=10.1.0.0/24
> leftid=@a.example.com
> leftrsasigkey=0sAQNe...
> leftnexthop=%defaultroute
> right=1.2.3.4
> rightsubnet=10.2.0.0/24
> rightid=@b.example.com
> rightrsasigkey=7xoprFh...
> rightnexthop=%defaultroute
> auto=start
> 
> So now my question:
> Let us assume our VPN-partner use racoon to establish an IPSec tunnel. Do
> the partner or we have to set special parameters? Who is the left one and
> who is the right one or is this not important? Thank you very much in
> advance and sorry for the dump question but I couldn't find any useful
> stuff on google :-\

No. the IKE protocol does not know about "right" and "left". it is only used 
to identify the connection on the local machine. So you can connect to a 
racoon machine. It is only important that your machine can identify itself 
with one side: Either right or left.

Mit freundlichen Grüßen,

Michael Schwartzkopff

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64, +49 (162) 165 0044
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.openswan.org/pipermail/users/attachments/20141202/01c1a053/attachment.pgp>


More information about the Users mailing list