27 Aug 20:11
Re: IPSEC VPN between OpenBSD and Linux (OpenSwan)
Laurent CARON <lcaron <at> unix-scripts.info>
2008-08-27 18:11:30 GMT
2008-08-27 18:11:30 GMT
Dirk Mast wrote:
> Linux /etc/ipsec.conf:
>
> version 2.0
> config setup
... (snip)
Hi,
I finally managed to get it up and working (without IKE).
OpenBSD:
/etc/ipsec.conf:
ike esp from 10.50.0.0/24 to 192.168.9.0/24 peer PUBLIC_LINUX quick \
auth hmac-sha1 enc aes group modp1024 psk "secret"
Linux:
/etc/ipsec.conf
conn openbsd
left=PUBLIC_LINUX
leftsubnet=192.168.9.0/24
right=PUBLIC_BSD
rightsubnet=10.50.0.0/24
keyexchange=ike
auto=start
auth=esp
authby=secret
pfs=yes
keyingtries=%forever
rekeymargin=4m
disablearrivalcheck=no
rekey=yes
aggrmode=no
esp=aes128-sha1
ike=aes128-sha1-modp1024
There is of course an appropriate entry in /etc/ipsec.secrets
Thanks for everybody's help.
Laurent
RSS Feed