Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
openswan [2007/01/05 13:39] a pix pix pix pix |
openswan [2012/05/18 11:13] 216.206.60.33 ffgftAORYO |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Openswan ====== | + | 8IqsLG , [url=http://kywwfraotins.com/]kywwfraotins[/ |
- | + | ||
- | ex FreeSWAN - IPSec kernel stack and userspace ipsec tools for linux | + | |
- | + | ||
- | see: [[http://www.openswan.org|Openswan main page]], [[http://wiki.openswan.org|Openswan' | + | |
- | + | ||
- | + | ||
- | ===== OpenSWAN + Cisco PIX ===== | + | |
- | + | ||
- | | + | |
- | + | ||
- | | + | |
- | interfaces=%defaultroute | + | |
- | klipsdebug=all #enable debugging | + | |
- | plutodebug=all | + | |
- | + | ||
- | conn tunnelipsec | + | |
- | type=tunnel | + | |
- | left=x.x.x.x | + | |
- | leftnexthop=y.y.y.y | + | |
- | leftsubnet=10.0.0.0/8 # network behind your endpoint | + | |
- | right=%any | + | |
- | rightnexthop=%defaultroute | + | |
- | rightsubnet=10.2.0.0/16 #network behind the PIX | + | |
- | esp=3des-sha1 | + | |
- | keyexchange=ike | + | |
- | authby=secret | + | |
- | pfs=yes | + | |
- | auto=add | + | |
- | | + | |
- | + | ||
- | PIX setup | + | |
- | + | ||
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | nat (inside) 0 access-list 108 | + | |
- | | + |