Re: [Vyatta-users] IPSec - RSA

Troopy . Tue, 02 Oct 2007 09:17:06 -0700

Oh thanks,

I am stupid i should have though about this !!!
I will test it ASAP


Thanks

Troopy

---------- Original Message ----------------------------------
From: "Stig Thormodsrud" <[EMAIL PROTECTED]>
Date:  Tue, 2 Oct 2007 08:16:54 -0700 (PDT)

>
>Hi Troopy,
>
>I haven't actually tried this on a cisco, but I did bit a googling and
>found this site with an online base64 to hex converter that might help:
>
>http://www.net-force.nl/tools/hex_conv/
>
>stig
>
>> -----Original Message-----
>> From: Troopy . [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, October 02, 2007 12:42 AM
>> To: [EMAIL PROTECTED]; [email protected]; Stig Thormodsrud
>> Subject: RE: [Vyatta-users] IPSec - RSA
>>
>>
>> Hello,
>>
>> Thank for your answer.
>>
>> The thing is when i try to copy the public key generated by Vyatta on
>> Cisco, i have an error
>>  message on cisco at the firrst non-hexadecimal characters.
>>
>> This is because Cisco accepts only hexadecimal characters in the public
>> key field.
>>
>> crypto key pubkey-chain rsa
>> addressed-key 100.0.0.1
>> key string
>>
>> Then, Cisco says " Enter a public key as a hexadecimal characters"
>>
>> the problem is that Vyatta generates its public in ASCII
>>
>> Is it possible to generate the Vyatta public key in hexa?
>>
>> thanks
>>
>>
>>
>>
>> ---------- Original Message ----------------------------------
>> From: "Stig Thormodsrud" <[EMAIL PROTECTED]>
>> Date:  Mon, 1 Oct 2007 08:47:41 -0700 (PDT)
>>
>> >Hi Troopy,
>> >
>> >
>> >
>> >Im not sure about the cisco error, but on the vyatta side the rsa
>config
>> >would like something like:
>> >
>> >
>> >
>> >set vpn ipsec site-to-site peer <x.x.x.x> authentication mode rsa
>> >
>> >set vpn ipsec site-to-site peer <x.x.x.x> authentication rsa-key-sig
>> ><tunnel-name>
>> >
>> >set vpn rsa-keys rsa-key-name <tunnel-name> rsa-key
>>
>>0sAQNwHJia0mD+fNH1uR4vWFlX44UaZEGgVfzWh+IGJlfN3Uw4eFBIL0/vtrRY0U/hkbmbDEN
>> j
>>
>>kTKwY6XtOYK9OPpzOfc5b6fNkY4/7sx9az8Fx19eR4CuGqoNnQveOGVmuNnBDdtYmEKDA4595
>> R
>>
>>kuZ6wBRV6SoTrHmTe+TRpsitH4UCBWrgaou1RnEWj1zsZsezZhbr5VRDX+ydDgdO9hrtRsREg
>> H
>>
>>h+kYecPVvIRQqms0PZrLuOKyDVI5/zGt1T224VTtaRqsu8UlIYehvlq+k5XrQGhzE9Dxz8kOo
>> n
>>
>>jWnwDMiFly88ZF1f4yDnaZH2JeATER+1aPGSMkJ9DUTnFBAtPvJAVec9+ItGAdjYvhkcpkOah
>> C
>>
>>6ZK1CSUnnhwAMrDSt5Pz/3oLKjzDMCVIeSuDVCSZz7nnAEBl/JM2+riPqJNaY/ORE1R5xhYnN
>> Y
>>
>>lEZTRMytmbDGA+sSsUliEcMR55c549GoCzOQFfhk9Tqfs/R4RL6Ih9WGejtJ8PrpI81VkTTb3
>> v
>>
>>QwnKPLUdrd2LmlgnfkCf+ubxz+Mc4Jl4myZ8SVR4iJUNR7jsQLHmwNJwB8GmLfmSUCLPnKDQT
>> 0
>>
>>VFt3z7Xte14EWteCYKfN0HUBNWM0ofgrhJxSKuOa5MtA3Y9HZZpYIAHxeJbJa0AYXxQy2y6q9
>> F
>> >abBrhURETcuXnlmsQ7SKJw==
>> >
>> >
>> >
>> >stig
>> >
>> >
>> >
>> >> Hello,
>> >
>> >>
>> >
>> >> I have 2 questions concerning vyatta rsa mode:
>> >
>> >>
>> >
>> >> 1. RSA&#8722;Encrypted Authentication
>> >
>> >>
>> >
>> >> I am trying to establish a IPSec Tunnel in "RSA&#8722;Encrypted
>> >
>> >> Authentication" mode betwwen Cisco and Vyatta.
>> >
>> >>
>> >
>> >> when i try to copy  the Vyatta rsa public key on cisco, there is an
>> >error
>> >
>> >> message because Cisco seems to use only hexadecmial caracteres
>> >
>> >>
>> >
>> >>
>> >
>> >> 2. RSA&#8722;SIG Authentication/CA
>> >
>> >>
>> >
>> >> Is there a vyatta RSA&#8722;SIG Authentication/CA mode?
>> >
>> >>
>> >
>> >> something like the following Cisco config:
>> >
>> >>
>> >
>> >> crypto isakmmp policy 1
>> >
>> >>    authentification rsa-sig
>> >
>> >>
>> >
>> >> Thanks
>> >
>> >>
>> >
>> >> Troopy
>> >
>> >>
>> >
>> >>
>> >
>> >> ______________________________________________________
>> >
>> >> Désirez vous une adresse éléctronique @suisse.com?
>> >
>> >> Visitez la Suisse virtuelle sur http://www.suisse.com
>> >
>> >>
>> >
>> >> _______________________________________________
>> >
>> >> Vyatta-users mailing list
>> >
>> >> [email protected]
>> >
>> >> http://mailman.vyatta.com/mailman/listinfo/vyatta-users
>> >
>> >
>> >
>>
>>
>>
>> ______________________________________________________
>> Désirez vous une adresse éléctronique @suisse.com?
>> Visitez la Suisse virtuelle sur http://www.suisse.com
>
>
>
 

 
______________________________________________________
Désirez vous une adresse éléctronique @suisse.com?
Visitez la Suisse virtuelle sur http://www.suisse.com

_______________________________________________
Vyatta-users mailing list
[email protected]
http://mailman.vyatta.com/mailman/listinfo/vyatta-users

Re: [Vyatta-users] IPSec - RSA

Reply via email to