-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tom Eastep wrote:
Simon Buckner wrote:
I have set up an IPSEC VPN using Openswan to connect a Draytek router
to a CentOS 5.2/Shorewall 4.2.9 firewall. The VPN establishes OK but
I'm getting a problem with packets from the left-hand subnet getting
Thanks for the responses. My first port of call was
http://www.shorewall.net/IPSEC-2.6.html so thanks to all those who so helpfully
suggested that I read it! It was actually one of the first documents returned
by Google when I started searching.
The above instructions use Racoon to create the
Simon Buckner wrote:
All the examples I've looked at seem to relate to Racoon which
creates an interface for each tunnel (e.g. IPSEC0) whereas
Openswan/NETKEY doesn't.
The Shorewall configuration is independent of which tool you use to
configure
Simon Buckner wrote:
The above instructions use Racoon to create the IPSEC VPN but
unfortunately Racoon doesn't support the same encryption protocols as
the Draytek that is used at the other end. Therefore I have used
Openswan (NETKEY as opposed to KLIPS) as that provides a very nice
match.