Home » Mailing list archives » openbsd-misc » 2008 » August » 27

Re: IPSEC VPN between OpenBSD and Linux (OpenSwan)

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Laurent CARON
Subject: Re: IPSEC VPN between OpenBSD and Linux (OpenSwan)
Date: Wednesday, August 27, 2008 - 11:11 am

Dirk Mast wrote:
... (snip)

Hi,

I finally managed to get it up and working (without IKE).

OpenBSD:
	/etc/ipsec.conf:
ike esp from 10.50.0.0/24 to 192.168.9.0/24 peer PUBLIC_LINUX quick \
	auth hmac-sha1 enc aes group modp1024 psk "secret"

Linux:
	/etc/ipsec.conf
conn openbsd
     left=PUBLIC_LINUX
     leftsubnet=192.168.9.0/24
     right=PUBLIC_BSD
     rightsubnet=10.50.0.0/24
     keyexchange=ike
     auto=start
     auth=esp
     authby=secret
     pfs=yes
     keyingtries=%forever
     rekeymargin=4m
     disablearrivalcheck=no
     rekey=yes
     aggrmode=no
     esp=aes128-sha1
     ike=aes128-sha1-modp1024

There is of course an appropriate entry in /etc/ipsec.secrets

Thanks for everybody's help.

Laurent
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
Re: IPSEC VPN between OpenBSD and Linux (OpenSwan), Dirk Mast, (Wed Aug 27, 10:19 am)
Re: IPSEC VPN between OpenBSD and Linux (OpenSwan), Laurent CARON, (Wed Aug 27, 11:11 am)