Differences
This shows you the differences between two versions of the page.
openswan [2009/05/25 00:35] 127.0.0.1 external edit |
openswan [2012/05/16 17:05] 188.143.232.12 yrdUzUHkomYKXJPJGb |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Openswan ====== | + | I used this configuration but when I fensihid , saved and issued the show config command my access list local network entries were changed to what is below. Did I do something wrong? |
- | + | ||
- | ex FreeSWAN - IPSec kernel stack and userspace ipsec tools for linux | + | |
- | + | ||
- | see: [[http:// | + | |
- | + | ||
- | ===== ipsec.secrets ===== | + | |
- | <code |f ipsec.secrets> | + | |
- | x.x.x.x | + | |
- | x.x.x.x %any: | + | |
- | : RSA { | + | |
- | # RSA 2048 bits | + | |
- | # for signatures only, UNSAFE FOR ENCRYPTION | + | |
- | # | + | |
- | </ | + | |
- | + | ||
- | ===== OpenSWAN + Cisco PIX ===== | + | |
- | + | ||
- | | + | |
- | + | ||
- | | + | |
- | interfaces=%defaultroute | + | |
- | klipsdebug=all #enable debugging | + | |
- | plutodebug=all | + | |
- | + | ||
- | conn tunnelipsec | + | |
- | type=tunnel | + | |
- | left=x.x.x.x | + | |
- | leftnexthop=y.y.y.y | + | |
- | leftsubnet=10.0.0.0/8 # network behind your endpoint | + | |
- | right=%any | + | |
- | rightnexthop=%defaultroute | + | |
- | rightsubnet=10.2.0.0/ | + | |
- | esp=3des-sha1 #esp: 3des, hmac: sha1 | + | |
- | keyexchange=ike #use regular ike | + | |
- | authby=secret | + | |
- | pfs=yes | + | |
- | auto=add | + | |
- | | + | |
- | + | ||
- | PIX setup | + | |
- | + | ||
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | nat (inside) | + | |
- | | + |
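Review bot: this revision should be reverted to the 2009/05/25 00:35 version, because line 1 replaces the entire Openswan page with a single first-person question. The "ipsec.secrets" section and the "OpenSWAN + Cisco PIX" section, including the conn tunnelipsec example and the PIX setup, are all removed. The edit summary "yrdUzUHkomYKXJPJGb" gives no reason for the deletion. The added sentence reads as a reader comment on the configuration rather than page content, so if the question is genuine it belongs on a discussion page beside the intact configuration it refers to. One documentation point for the restored text: the sample sets klipsdebug=all and plutodebug=all with only "#enable debugging" as explanation, so it would help to state that these are troubleshooting settings to be turned off once the tunnel is up.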