[Openswan Users] create pre-share-key for muilt point

MichaelLeung gbcbooksmj at gmail.com
Fri Feb 19 03:08:21 EST 2016


i was wonder is there any way to encrypt data on Router when before 
being sent out , like shadowsocks. and Server just decrypt using the 
same secrets.

i throw out this problem just because my ike negoinitiation  are always 
interrupted by national firewall.

On 02/19/2016 10:14 AM, MichaelLeung wrote:
> so , i can't use seperate secrets when i haven't a public address.
>
> On 02/17/2016 03:53 PM, Nick Howitt wrote:
>> Yes. Either that or use aggressive mode or ikev2 when you can match 
>> on left/rightid.
>>
>> Nick
>>
>>
>> On 2016-02-17 05:29, MichaelLeung wrote:
>>> what if one of my site  doesn't have a stable public ip address ? is
>>> that meaning i have to use %any to match all connection ?
>>>
>>> On 02/17/2016 01:25 PM, MichaelLeung wrote:
>>>
>>>> i had subscriber to the maillist .
>>>>
>>>> On 02/05/2016 10:49 PM, Patrick Naubert wrote:
>>>>
>>>>> Rescued from the spam bucket. Please remember to subscribe to
>>>>> the mailing list before posting to it.
>>>>>
>>>>> FROM: "Mittelsdorf, Bjoern" <Bjoern.Mittelsdorf at scheer-group.com>
>>>>>
>>>>> SUBJECT: RE: [OPENSWAN USERS] CREATE PRE-SHARE-KEY FOR MUILT POINT
>>>>>
>>>>> DATE: February 5, 2016 at 2:00:33 AM EST
>>>>>
>>>>> TO: "users at lists.openswan.org" <users at lists.openswan.org>
>>>>>
>>>>> Hi Michael,
>>>>>
>>>>> you can (probably should :-) ) use different keys for different
>>>>> connections.
>>>>>
>>>>> But it will not work with the %any placeholder in the first line,
>>>>> if I am not mistaken.
>>>>>
>>>>> Cheers
>>>>>
>>>>> Björn
>>>>>
>>>>>
>>>>
>>> ----------------------------------------------------------------------
>>>>> From: MichaelLeung <gbcbooksmj at gmail.com>
>>>>> Subject: [Openswan Users] create pre-share-key for muilt point
>>>>>
>>>>> hi all
>>>>>
>>>>> can we create more than one pre-share-key ?
>>>>> for example, i have three VPS running on the internet and i want
>>>>> use different pre-share-key to communicate is it ipsec.secrets
>>>>> correct ?
>>>>> #
>>>>> include /etc/ipsec.d/*.secrets
>>>>> 192.168.1.1 %any : PSK "sharekey1"
>>>>> 192.168.1.1 192.168.2.1 : PSK "sharekey2"
>>>>> 192.168.1.1 192.168.3.1 : PSK "sharekey3"
>>>>>
>>>>> _______________________________________________
>>>>> Users at lists.openswan.org
>>>>> https://lists.openswan.org/mailman/listinfo/users [1]
>>>>> Micropayments:
>>>>> https://flattr.com/thing/38387/IPsec-for-Linux-made-easy [2]
>>>>> Building and Integrating Virtual Private Networks with Openswan:
>>>>>
>>>>
>>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155 
>>>
>>>>> [3]
>>>
>>>
>>>
>>> Links:
>>> ------
>>> [1] https://lists.openswan.org/mailman/listinfo/users
>>> [2] https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
>>> [3] 
>>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155 
>>>
>>>
>>> _______________________________________________
>>> Users at lists.openswan.org
>>> https://lists.openswan.org/mailman/listinfo/users
>>> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
>>> Building and Integrating Virtual Private Networks with Openswan:
>>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155 
>>>
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: gbcbooksmj.vcf
Type: text/x-vcard
Size: 4 bytes
Desc: not available
URL: <http://lists.openswan.org/pipermail/users/attachments/20160219/e6997d9e/attachment.vcf>


More information about the Users mailing list