Re: IPSEC VPN between OpenBSD and Linux (OpenSwan)

Laurent CARON Wed, 27 Aug 2008 11:16:34 -0700

Dirk Mast wrote:

Linux /etc/ipsec.conf:


version 2.0
config setup

... (snip)

Hi,

I finally managed to get it up and working (without IKE).

OpenBSD:
        /etc/ipsec.conf:
ike esp from 10.50.0.0/24 to 192.168.9.0/24 peer PUBLIC_LINUX quick \
        auth hmac-sha1 enc aes group modp1024 psk "secret"

Linux:
        /etc/ipsec.conf
conn openbsd
    left=PUBLIC_LINUX
    leftsubnet=192.168.9.0/24
    right=PUBLIC_BSD
    rightsubnet=10.50.0.0/24
    keyexchange=ike
    auto=start
    auth=esp
    authby=secret
    pfs=yes
    keyingtries=%forever
    rekeymargin=4m
    disablearrivalcheck=no
    rekey=yes
    aggrmode=no
    esp=aes128-sha1
    ike=aes128-sha1-modp1024

There is of course an appropriate entry in /etc/ipsec.secrets

Thanks for everybody's help.

Laurent

Re: IPSEC VPN between OpenBSD and Linux (OpenSwan)

Reply via email to