Re: lug-bg: VPN
- Subject: Re: lug-bg: VPN
- From: Denislav Ganchev <denislav.ganchev@xxxxxxxxxx>
- Date: Thu, 04 Nov 2004 14:00:52 +0200
- Organization: Bianor Ltd
Ами да с Ядро 2.6 съм. Но според синтаксиса в man ipsec.conf. Другия
вариант е interfaces=%defaultroute. При такова дефиниране на interfaces
ми спира изцяло връзката с, който и да е интерфейс към машината. Иначе
openswana e 2.2.0-4.
On Thu, 2004-11-04 at 13:14 +0200, Georgi Ivanov wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Denislav Ganchev wrote:
> | version 2.0
> |
> | config setup
> | interfaces="ipsec0=eth1"
> | nat_traversal=yes
> | virtual_private=%v4:10.0.0.0/16,%v4:172.16.0.0/12,%
> | v4:192.168.0.0/16
> | plutodebug="all"
> | klipsdebug="all"
> |
> | conn %default
> | keyingtries=5
> | compress=yes
> | disablearrivalcheck=no
> | authby=rsasig
> | leftrsasigkey=%cert
> | rightrsasigkey=%cert
> |
> | conn roadwarrior-net
> | leftsubnet=0.0.0.0/0
> | also=roadwarrior
> |
> | conn roadwarrior-l2tp
> | leftprotoport=17/0
> | rightprotoport=17/1701
> | also=roadwarrior
> |
> | conn roadwarrior-l2tp-updatedwin
> | leftprotoport=17/1701
> | rightprotoport=17/1701
> | also=roadwarrior
> |
> | conn roadwarrior
> | left=10.0.0.50
> | leftcert=thewall.pem
> | right=%any
> | rightsubnet=vhost:%no,%priv
> | auto=add
> | pfs=yes
> |
> | On Thu, 2004-11-04 at 12:01 +0200, Georgi Ivanov wrote:
> |
> | �4=> CB>G=5=85 :>5B> 701@028E 40 B8 :060 5 , G5 25@A88B5 SSHSentinel 70
> | C8=4>CA XP 8 2000 A0 @07;8G=8 8 0:> A;>68H 70 2000 =0 XP B5 G0:0B 5:@0=8
> | A F25B0 =0 4J30B0 :)))).
> | P.S �0?@028 copy paste =0 B2>O ipsec.conf BC:.
> | --
> | Georgi Ivanov
> | System Administrator
> | Aii Data Processing
> | IT Department
> |
> | http://6lyokavitza.org
> Хммм ами щом няма ppp в цялата работа това по долу е излишно
> conn roadwarrior-l2tp
> ~ leftprotoport=17/0
> ~ rightprotoport=17/1701
> ~ also=roadwarrior
> Aко използваш 2.6.X ядро interfaces="ipsec0=eth1" <- това няма да работи
> понеже 2.6.X разчитат на native ipsec който е в ядрото макар, че
> openswan 2.3 включва отново KLIPS подръжката в ядрото.
> ============================================================================
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
> To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
> ============================================================================
>
> - --
> Georgi Ivanov
> Aii Data Processing
> System Administrator
> IT Department
>
> http://6lyokavitza.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (FreeBSD)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFBig8X0dEkp0mjhDsRAkE3AJ46/mrluzaXslWnuFn4t6rvRY45bgCgjp+R
> 2lNO19UCbWulUvO4Xwhevic=
> =mm7S
> -----END PGP SIGNATURE-----
> ============================================================================
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
> http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
> To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
> ============================================================================
Attachment:
signature.asc
Description: This is a digitally signed message part
|