Strongswan-openswan-psk: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „=Strongswan= *cat /etc/ipsec.conf <pre> conn a2s authby=secret keyexchange=ikev1 left=192.168.252.89 leftid=@tiazel leftsubnet=10.254…“) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 2: | Zeile 2: | ||
*cat /etc/ipsec.conf | *cat /etc/ipsec.conf | ||
<pre> | <pre> | ||
| − | conn | + | conn o2s |
authby=secret | authby=secret | ||
keyexchange=ikev1 | keyexchange=ikev1 | ||
| Zeile 8: | Zeile 8: | ||
leftid=@tiazel | leftid=@tiazel | ||
leftsubnet=10.254.32.0/24 | leftsubnet=10.254.32.0/24 | ||
| − | right=192.168.252. | + | right=192.168.252.200 |
| − | rightid=@ | + | rightid=@rome |
| − | rightsubnet=10.254. | + | rightsubnet=10.254.31.0/24 |
| − | + | ike=aes256-sha1-modp1536 | |
| − | + | esp=aes256-sha1-modp1536 | |
| − | ike=aes256- | + | auto=start |
| − | + | </pre> | |
| + | *cat /etc/ipsec.secrets | ||
| + | @tiazel @rome : PSK "suxer" | ||
| + | =Openswan= | ||
| + | *cat /etc/ipsec.conf | ||
| + | <pre> | ||
| + | version 2.0 | ||
| + | config setup | ||
| + | dumpdir=/var/run/pluto/ | ||
| + | nat_traversal=no | ||
| + | oe=off | ||
| + | protostack=netkey | ||
| + | conn o2s | ||
| + | authby=secret | ||
| + | left=192.168.252.200 | ||
| + | leftid=@rome | ||
| + | leftsubnet=10.254.31.0/24 | ||
| + | right=192.168.252.89 | ||
| + | rightid=@tiazel | ||
| + | rightsubnet=10.254.32.0/24 | ||
| + | ike=aes256-sha1-modp1536 | ||
| + | phase2alg=aes256-sha1-1536 | ||
auto=start | auto=start | ||
</pre> | </pre> | ||
*cat /etc/ipsec.secrets | *cat /etc/ipsec.secrets | ||
| − | @tiazel @ | + | @tiazel @rome : PSK "suxer" |
Version vom 30. März 2017, 13:03 Uhr
Strongswan
- cat /etc/ipsec.conf
conn o2s
authby=secret
keyexchange=ikev1
left=192.168.252.89
leftid=@tiazel
leftsubnet=10.254.32.0/24
right=192.168.252.200
rightid=@rome
rightsubnet=10.254.31.0/24
ike=aes256-sha1-modp1536
esp=aes256-sha1-modp1536
auto=start
- cat /etc/ipsec.secrets
@tiazel @rome : PSK "suxer"
Openswan
- cat /etc/ipsec.conf
version 2.0
config setup
dumpdir=/var/run/pluto/
nat_traversal=no
oe=off
protostack=netkey
conn o2s
authby=secret
left=192.168.252.200
leftid=@rome
leftsubnet=10.254.31.0/24
right=192.168.252.89
rightid=@tiazel
rightsubnet=10.254.32.0/24
ike=aes256-sha1-modp1536
phase2alg=aes256-sha1-1536
auto=start
- cat /etc/ipsec.secrets
@tiazel @rome : PSK "suxer"