Charles Steinkuehler Thank you for your replay to my letter, as you wrote the problem was that "the two VPN gateways WILL NOT be able to ping each".
I am just now looking at five different Vmware-windows on my screen and the workstations in each end have contact with each other over an Ipsec-tunnel. Workstation1 - Dac_Ipsec_01 --- debian22 --- Dac_Ipsec_02 --- Workstation2 (the workstations are Dachstein disk-images, the Dac_Ipsec are Dachstein on harddisk and the debian22 is a full debian - all in Vmware on a W2000 Pentium 1,7 and 256 MB) You are right about that Vmware may "throws a whole additional layer of complexity" into the testing - but it is fun and it eliminates some of the trouble with networks cables etc. And now to my question ---------------------- IPSEC SECRETS & MORE THAN ONE TUNNEL Configuration of Ipsec secrets We have one head office, two shops, two employees with cable modems with DHCP but known IP addresses for the local nets and two Roadwarriors. If possible I would like to keep thing as simple as possible and use PSK. As the IP addresses are known for the head office and the shops I would like to have different PSK for each tunnel. Can I just list the secrets with IP addresses in the ipsec.secrets-file? And what happening if I put in an other PSK with %any for the remote IP, i.e. in witch order is Ipsec reading the ipsec.secrets-file? Can I put the PSK secrets in the ipsec.conf-file, I think I have seen this somewhere. I know that the documentation says that you can only have one secrets ,PSK or RSA, for all Roadwarriors. What I wonder is how Ipsec is handle the name for the connections. Would it be possible to have two Roadwarriors connections with different names and one secret for each connection? I know that one solution presumably would be to use certificates, but I would prefer to keep things as simple as possible. I have read the documentation and search the web but I have not find any information about this. So is it I who is stupid or . Regards Lars Emilsson ------------------------------------------------------- This sf.net email is sponsored by: See the NEW Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html