Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
openswan [2007/01/05 13:39] a pix pix pix pix |
openswan [2012/05/16 17:05] 188.143.232.12 yrdUzUHkomYKXJPJGb |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Openswan ====== | + | I used this configuration but when I fensihid , saved and issued the show config |
- | + | ||
- | ex FreeSWAN - IPSec kernel stack and userspace ipsec tools for linux | + | |
- | + | ||
- | see: [[http:// | + | |
- | + | ||
- | + | ||
- | ===== OpenSWAN + Cisco PIX ===== | + | |
- | + | ||
- | | + | |
- | + | ||
- | config | + | |
- | interfaces=%defaultroute | + | |
- | klipsdebug=all #enable debugging | + | |
- | plutodebug=all | + | |
- | + | ||
- | conn tunnelipsec | + | |
- | type=tunnel | + | |
- | left=x.x.x.x #the IP address of your OpenSWAN endpoint | + | |
- | leftnexthop=y.y.y.y | + | |
- | leftsubnet=10.0.0.0/8 # network behind your endpoint | + | |
- | right=%any | + | |
- | rightnexthop=%defaultroute | + | |
- | rightsubnet=10.2.0.0/16 #network behind the PIX | + | |
- | esp=3des-sha1 #esp: 3des, hmac: sha1 | + | |
- | keyexchange=ike #use regular ike | + | |
- | authby=secret | + | |
- | pfs=yes | + | |
- | auto=add | + | |
- | | + | |
- | + | ||
- | PIX setup | + | |
- | + | ||
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | nat (inside) | + | |
- | | + |