I did some experiments with Fedora 28. The instructions in the RHEL 7 Security Guide, section 4.6.3, "Creating Host-To-Host VPN Using Libreswan," suggest you can just use:

    ipsec newhostkey

I tried this, but it did not work. I got the problem that it cannot find its own key. Instead I had to use the form given in the "Host to host VPN" configuration example on the website, i.e.:

    ipsec newhostkey --output /etc/ipsec.secrets

That created the correct entry in /etc/ipsec.secrets. Once I had started ipsec on both ends, I was able to check that the tunnel was up with:

    ipsec auto --start mytunnel
    ping OTHER.SERVER.IP.ADDRESS
    ipsec whack --trafficstatus

On Thu, Jan 24, 2019 at 6:34 AM Alex <[email protected]> wrote:
>
> > > At some point I thought it was working. Is there a known problem with
> > > using RSA keys? Any idea why it can't find its own private key?
