[prev in list] [next in list] [prev in thread] [next in thread]
List: openswan-users
Subject: Re: [Openswan Users] Hello world..:)
From: Paul Wouters <paul () xelerance ! com>
Date: 2006-01-31 15:18:34
Message-ID: Pine.LNX.4.63.0601311617440.11441 () tla ! xelerance ! com
[Download RAW message or body]
On Tue, 31 Jan 2006, acidburn@vivonet.lv wrote:
> Hi, I'm a total newbie in IPSec and ISKMP things.
> So.. I have OpenSwan installed on Gentoo.
> I need to make a tunnel to a mobile operator.
> The operator sent me the needed requirements for customer's IPSec/IKE software \
> (given in terms of according RFC's) Could You please help me to generate the \
> ipsec.conf for these parameters?
> ISAKMP SA Main Mode ON
> ISAKMP SA Aggressive Mode OFF
> ISAKMP SA Authentication PRESHARED SECRET
> ISAKMP SA Cypher 3DES CBC
> ISAKMP SA Hash function MD5
> ISAKMP SA Diffie Hellman group 2
> ISAKMP SA SA lifetime (hours) 4
> IPSec SA encryption/authenti ESP
> IPSec SA Mode QUICK
> IPSec SA Cypher 3DES CBC
> IPSec SA Hash Function MD5
> IPSec SA Perfect Forward Secrecy OFF
> IPSec SA Lifetime (hours) 1
That should all work in standard settings. the only specific things you need is:
pfs=no
authby=secret
Paul
_______________________________________________
Users mailing list
Users@openswan.org
http://lists.openswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic