Tom Tom Hendrickx wrote: > Hi, > > I want to make my leafsystem a vpn server through openswan. This for > roadwarriors alone to be able to connect to the network behind it. > Is this configuration out of chapter 9 also working for this, or what > changes should be made? > I'm getting really in trouble trying to configure this..
Mhhh... yes XSwan is not for the faint of heart :-). Mostly the configuration is very case specific. The samples just show the most common settings. If you want us to understand your config files you need to show your set up, possibly in ascii art. Typically roadwarrier settings are easier to accomplish with OpenVPN. > > # basic configuration > config setup > # plutodebug / klipsdebug = "all", "none" or a combation from below: > # "raw crypt parsing emitting control klips pfkey natt x509 private" > # eg: > # plutodebug="control parsing" > # > # Only enable klipsdebug=all if you are a developer > # > # NAT-TRAVERSAL support, see README.NAT-Traversal > # nat_traversal=yes > # virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%4:172.16.0.0/12 > interfaces=%defaultroute > > # Add connections here > > # sample VPN connection > conn sample > # Left security gateway, subnet behind it, nexthop toward right. > left=west.dyndns.org > leftsubnet=192.168.1.0/24 > leftcert=west-cert.pem > # Right security gateway, subnet behind it, nexthop toward left. > right=%defaultroute > rightsubnet=192.168.2.0/24 > rightcert=east-cert.pem > # To authorize this connection, but not actually start it, > # at startup, uncomment this. > auto=start > > #Disable Opportunistic Encryption > include /etc/ipsec.d/examples/no_oe.conf > > > Thanks, > Tom > > cheers Erich ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
