Hi Martin,
I downloaded the openssl-1.0.0d.tar.gz. Build the openssl with
enabled the ec and ecdh (Elliptic curve Diffie–Hellman Group) support as stated
below.
1. ./config enable-ec enable-ecdh
2. make
3. make test
4. make install
But upon checking whether ECDH
Hello Serge,
conn academ.certs.locally.stored
leftsubnet=192.168.169.0/24
leftsendcert = never
right=%any
rightcert=peercerts/academ2034.hostCert.pem
rightsendcert = never
rightsubnet=192.168.3.0/24 //which way is better
Hello Volker,
We have 2 identical entries in the xfrm pol:
[root@frqx ~]# ip xfrm pol
src 192.168.3.0/24 dst 192.168.169.0/24
dir in priority 1859
tmpl src xx.xx.210.3 dst xx.xx.230.112
proto esp reqid 56 mode tunnel
src 192.168.3.0/24 dst 192.168.169.0/24