Strongswan zu strongswan aggressive modus: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
| (4 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
| − | =Config on | + | =Config on server= |
Add thin entry | Add thin entry | ||
*/etc/strongswan.conf | */etc/strongswan.conf | ||
| Zeile 24: | Zeile 24: | ||
*/etc/ipsec.secrets | */etc/ipsec.secrets | ||
<pre> | <pre> | ||
| − | 10.84.252.32 %any : PSK " | + | 10.84.252.32 %any : PSK "tina" |
</pre> | </pre> | ||
| − | =Config on | + | |
| + | =Config on client= | ||
Add thin entry | Add thin entry | ||
*/etc/strongswan.conf | */etc/strongswan.conf | ||
| Zeile 43: | Zeile 44: | ||
left=10.84.252.32 | left=10.84.252.32 | ||
leftsubnet=10.83.32.0/24 | leftsubnet=10.83.32.0/24 | ||
| − | right= | + | right=10.84.252.33 |
rightsubnet=10.83.33.0/24 | rightsubnet=10.83.33.0/24 | ||
ike=aes128-sha1-modp1024 | ike=aes128-sha1-modp1024 | ||
| Zeile 51: | Zeile 52: | ||
*/etc/ipsec.secrets | */etc/ipsec.secrets | ||
<pre> | <pre> | ||
| − | 10.84.252.32 %any : PSK " | + | 10.84.252.32 %any : PSK "tina" |
</pre> | </pre> | ||
Aktuelle Version vom 9. November 2017, 10:04 Uhr
Config on server
Add thin entry
- /etc/strongswan.conf
charon {
i_dont_care_about_security_and_use_aggressive_mode_psk = yes
...
}
- /etc/ipsec.conf
conn s2s
authby=secret
keyexchange=ikev1
aggressive = yes
left=10.84.252.32
leftsubnet=10.83.32.0/24
right=%any
rightsubnet=10.83.33.0/24
ike=aes128-sha1-modp1024
esp=aes128-sha1-modp1024
auto=start
- /etc/ipsec.secrets
10.84.252.32 %any : PSK "tina"
Config on client
Add thin entry
- /etc/strongswan.conf
charon {
i_dont_care_about_security_and_use_aggressive_mode_psk = yes
...
}
- /etc/ipsec.conf
conn s2s
authby=secret
keyexchange=ikev1
aggressive = yes
left=10.84.252.32
leftsubnet=10.83.32.0/24
right=10.84.252.33
rightsubnet=10.83.33.0/24
ike=aes128-sha1-modp1024
esp=aes128-sha1-modp1024
auto=start
- /etc/ipsec.secrets
10.84.252.32 %any : PSK "tina"