[Openswan Users] Host-To-Host VPN in star topology

Michael Furman michael_furman at hotmail.com
Sun Mar 20 10:43:16 EDT 2016


Hi all,

I have started a POC to enable Openswan in our product. I need to support Host-To-Host VPN in star topology.

I have found this answer but I need some clarification:
https://lists.openswan.org/pipermail/users/2008-January/013931.html

Is it possible to define the left configuration on central only once and then to reuse it for each additional connection (on central)?

I want to reuse it since, in case of certificate replacement, I want to change the leftrsasigkey configuration only once on central.

Ideally it should be like this:

On central:

conn central-site1
    leftid=@10.0.0.1
    left=10.0.0.1
    leftrsasigkey=0...w==
    rightid=@10.10.0.1
    right=10.10.0.1
    rightrsasigkey=0...w==
    authby=rsasig
    # load and initiate automatically
    auto=start

conn central-site2
    leftid=@<reuse somehow>
    left=@<reuse somehow>
    leftrsasigkey=@<reuse somehow>
    rightid=@10.10.0.2
    right=10.10.0.2
    rightrsasigkey=0...w==
    authby=rsasig
    # load and initiate automatically
    auto=start

On site1:

conn central-site1
    leftid=@10.0.0.1
    left=10.0.0.1
    leftrsasigkey=0...w==
    rightid=@10.10.0.1
    right=10.10.0.1
    rightrsasigkey=0...w==
    authby=rsasig
    # load and initiate automatically
    auto=start

On site2:

conn central-site2
    leftid=@10.0.0.1
    left=10.0.0.1
    leftrsasigkey=0...w==
    rightid=@10.10.0.2
    right=10.10.0.2
    rightrsasigkey=0...w==
    authby=rsasig
    # load and initiate automatically
    auto=start
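
One way to get the reuse asked about above, as an added example that is not part of the original post: the `also=` parameter of ipsec.conf appends the parameters of another conn section to the current one. The section name `central-left` is hypothetical, and the key values stay elided exactly as in the post.

```conf
# ipsec.conf on central (added example; "central-left" is a hypothetical name)

conn central-site1
    # pull in leftid/left/leftrsasigkey/authby from the shared section
    also=central-left
    rightid=@10.10.0.1
    right=10.10.0.1
    rightrsasigkey=0...w==
    # load and initiate automatically
    auto=start

conn central-site2
    also=central-left
    rightid=@10.10.0.2
    right=10.10.0.2
    rightrsasigkey=0...w==
    # load and initiate automatically
    auto=start

# Shared definition of the central end. It is placed after the sections
# that reference it because ipsec.conf(5) has historically required the
# section named by also= to follow the one using it.
conn central-left
    leftid=@10.0.0.1
    left=10.0.0.1
    leftrsasigkey=0...w==
    authby=rsasig
    # no auto= here: the default is auto=ignore, so this section is
    # never loaded as a connection of its own
```

With this layout a key replacement on central touches only the `leftrsasigkey` line in `central-left`. The files on site1 and site2 still carry their own copy of central's public key and have to be updated there as well.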