Howdy,
I got the pre-shared key to work, so of course now it is time to fix
what's working and try RSA. Ok, just a few simple questions I hope:
1) Sentinel: Once a certificate is generated with an associated name,
and I export the public key, when it is put into ipsec.conf, do I put an
0s or 0x in front of it (I suspect an 0s - zero s that is)?
2) Dachstein IPSec: If I understand this correctly, is the hostname of
the machine somehow encoded into the public/private key pair? And if
so, how do I control the name - I presume it should be an FQDN... I
guess I could just change the hostname to the FQDN... I am also
presuming that I have to set leftid (points to the local subnet).
3) If you are not using a CA, does it really matter what the FQDN is?
Does IPSec at any time check it against a DNS if it has a @ prefix?
Thanks for your patience and help,
Jon
_______________________________________________________________
Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
