[Openswan Users] Multiple servers with multiple tunnels each
Patrick Naubert
patrickn at xelerance.com
Tue Jun 24 07:03:48 EDT 2014
Rescued from the Spam bucket. Please remember to subscribe to the mailing list before posting to it.
From: David Brezynski <brezy at u.washington.edu>
Subject: Multiple servers with multiple tunnels each
Date: June 23, 2014 at 3:01:50 PM EDT
To: users at lists.openswan.org
Hi List
I'm working on an IPSEC solution for a number of servers (let's say 4) where I need to encrypt traffic between each server (so each server needs a tunnel to the other 3) for a distributed application. Traffic should not be encrypted between these servers and any others on the network. All IPs are static.
I'm assuming my only option is to set up individual tunnels in a one to many relationship for each of the servers (see configuration below).
Question - is this the correct approach? Is there a more concise configuration I can use so I can reuse the configuration files unchanged on all the servers involved? Anything I'm missing?
In the initial setup I'm using pre-shared keys and my config files (connection definitions and secrets file) are:
============ /etc/ipsec.d/test.con
conn host1-to-host2
    left=host1
    right=host2
    auto=start
    authby=secret

conn host1-to-host3
    left=host1
    right=host3
    auto=start
    authby=secret

conn host1-to-host4
    left=host1
    right=host4
    auto=start
    authby=secret
======================
============ /etc/ipsec.d/ipsec.secrets
host1 host2 : PSK "key in quotations"
host1 host3 : PSK "key in quotations"
host1 host4 : PSK "key in quotations"
========================
Thanks
David
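The one-tunnel-per-pair layout described in the message above, generated from a single host list, as an added example that is not part of the original post or of Openswan. The host names are the post's placeholders, the function names are hypothetical, and it assumes each pair's PSK is generated once and then copied to both ends of that pair.

```python
import itertools
import secrets

# Constructed host list, using the placeholder names from the post.
HOSTS = ["host1", "host2", "host3", "host4"]

def mesh_pairs(hosts):
    """Every unordered pair of hosts: n*(n-1)/2 tunnels for a full mesh."""
    return list(itertools.combinations(hosts, 2))

def make_psks(pairs):
    """One independent random PSK per pair, so a leaked key exposes one tunnel."""
    return {pair: secrets.token_urlsafe(32) for pair in pairs}

def render_conf(pairs, local):
    """Conn sections for the pairs that involve `local`.

    The text of a section is identical on both of its ends, because
    ipsec.conf lets either end be `left`.
    """
    out = []
    for a, b in pairs:
        if local in (a, b):
            out.append(f"conn {a}-to-{b}\n"
                       f"    left={a}\n"
                       f"    right={b}\n"
                       f"    auto=start\n"
                       f"    authby=secret\n")
    return "\n".join(out)

def render_secrets(pairs, psks, local):
    """ipsec.secrets lines for the pairs that involve `local`."""
    return "".join(f'{a} {b} : PSK "{psks[(a, b)]}"\n'
                   for a, b in pairs if local in (a, b))

if __name__ == "__main__":
    pairs = mesh_pairs(HOSTS)
    psks = make_psks(pairs)  # generate once, then distribute to both ends
    for host in HOSTS:
        print(f"# ---- {host}: connection definitions ----")
        print(render_conf(pairs, host))
        print(f"# ---- {host}: secrets ----")
        print(render_secrets(pairs, psks, host))
```

Each host receives only the three sections and three keys it takes part in, so compromising one server does not reveal the keys of tunnels between the other servers.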