Re: [leaf-user] Problem IPSec with Bering

Sun, 19 Oct 2003 09:21:56 -0700

Mikael

At 14:29 17.10.2003 +0200, Mika�l PLOUHINEC wrote: 
...
# connection de test entre Bic et Exodus
conn Bic-Exodus
        left=%defaultroute
        leftsubnet=192.168.1.0/24
        leftnexthop=

leave away or enter sensible value...

        right=172.16.10.4
        rightsubnet=10.0.0.0/8
        rightnexthop=<gateway of the second router>
        auto=start
        authby=rsasig


leftrsasigkey=0sAQOKGduouVCa7t6wwdgCbdJfT7q7eH59KBU8Cey6Ikohq3FQffLKIhvbihcklXX91ZZXzXADRkagdyDkJ9dqCp7RHiiQOd1gRI3Gf4m1d9ZFHv0gm0oHnVBjqJwA+whugOQDCEh3Ya884y2qdz7cW+2VYfTehWwFVw+JVTMNSKv/hw==

rightrsasigkey=0sAQOH3JtWlFtIDdAmhgcUz2U+jqEP7iyUTz6pO03hB++wQYMY2JI2d5PgC96HTs0DdLrJAgAcwjRJ4vSSOZejifbQVCCIFVmbWImdoh8BB5IOizW/Jkerp6Mr3L+VlBUoUCPAWrx5OvqcBsIuP7ySy9CgtrJc1YkFc0cV9tMQvkbgGQ==



The ipsec.conf on the second router is :

# basic configuration
config setup
# THIS SETTING MUST BE CORRECT or almost nothing will work;
# %defaultroute is okay for most simple cases.
interfaces=%defaultroute
# Debug-logging controls: "none" for (almost) none, "all" for lots.
klipsdebug=none
plutodebug=all
# Use auto= parameters in conn descriptions to control startup actions.
plutoload=%search
plutostart=%search



# defaults for subsequent connection descriptions
conn %default
        # How persistent to be in (re)keying negotiations (0 means very).
        keyingtries=0



# connection de test entre Bic et Exodus
conn Bic-Exodus
        left=172.16.10.1
        leftsubnet=192.168.1.0/24
        leftnexthop=<gateway of the first router>
        right=%defaultroute
        rightsubnet=10.0.0.0/8
        rightnexthop=

leave these away or add sensible values...

auto=start

Make one of the gateways auto=add

HTH

Erich




-------------------------------------------------------
This SF.net email sponsored by: Enterprise Linux Forum Conference & Expo
The Event For Linux Datacenter Solutions & Strategies in The Enterprise
Linux in the Boardroom; in the Front Office; & in the Server Room
http://www.enterpriselinuxforum.com
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to