Strongswan-openswan-psk: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
|||
| Zeile 11: | Zeile 11: | ||
rightid=@rome | rightid=@rome | ||
rightsubnet=10.254.31.0/24 | rightsubnet=10.254.31.0/24 | ||
| − | ike= | + | ike=aes256gcm128-prfsha256-modp4096! |
| − | esp= | + | esp=aes256gcm128-prfsha256-modp4096! |
auto=start | auto=start | ||
</pre> | </pre> | ||
| Zeile 34: | Zeile 34: | ||
rightid=@tiazel | rightid=@tiazel | ||
rightsubnet=10.254.32.0/24 | rightsubnet=10.254.32.0/24 | ||
| − | ike= | + | ike=aes256gcm128-prfsha256-modp4096 |
| − | phase2alg= | + | phase2alg=aes256gcm128-prfsha256-modp4096 |
auto=start | auto=start | ||
</pre> | </pre> | ||
*cat /etc/ipsec.secrets | *cat /etc/ipsec.secrets | ||
@tiazel @rome : PSK "suxer" | @tiazel @rome : PSK "suxer" | ||
Version vom 17. Januar 2024, 14:09 Uhr
Strongswan
- cat /etc/ipsec.conf
conn o2s
authby=secret
keyexchange=ikev1
left=192.168.252.89
leftid=@tiazel
leftsubnet=10.254.32.0/24
right=192.168.252.200
rightid=@rome
rightsubnet=10.254.31.0/24
ike=aes256gcm128-prfsha256-modp4096!
esp=aes256gcm128-prfsha256-modp4096!
auto=start
- cat /etc/ipsec.secrets
@tiazel @rome : PSK "suxer"
Openswan
- cat /etc/ipsec.conf
version 2.0
config setup
dumpdir=/var/run/pluto/
nat_traversal=no
oe=off
protostack=netkey
conn o2s
authby=secret
left=192.168.252.200
leftid=@rome
leftsubnet=10.254.31.0/24
right=192.168.252.89
rightid=@tiazel
rightsubnet=10.254.32.0/24
ike=aes256gcm128-prfsha256-modp4096
phase2alg=aes256gcm128-prfsha256-modp4096
auto=start
- cat /etc/ipsec.secrets
@tiazel @rome : PSK "suxer"