Strongswan-openswan-psk: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
 
Zeile 17: Zeile 17:
 
     dpdaction=restart
 
     dpdaction=restart
 
     dpddelay=10s
 
     dpddelay=10s
 
 
</pre>
 
</pre>
 
*cat /etc/ipsec.secrets  
 
*cat /etc/ipsec.secrets  

Aktuelle Version vom 19. Februar 2024, 09:03 Uhr

Strongswan

  • cat /etc/ipsec.conf
conn o2s
     authby=secret
     keyexchange=ikev1
     left=192.168.252.89
     leftid=@tiazel
     leftsubnet=10.254.32.0/24
     right=192.168.252.200
     rightid=@rome
     rightsubnet=10.254.31.0/24
     ike=aes256gcm128-prfsha256-modp4096!
     esp=aes256gcm128-prfsha256-modp4096!
     auto=start
     closeaction=restart
     dpdaction=restart
     dpddelay=10s
  • cat /etc/ipsec.secrets
@tiazel @rome  : PSK "suxer"

Openswan

  • cat /etc/ipsec.conf
version 2.0
config setup
     dumpdir=/var/run/pluto/
     nat_traversal=no
     oe=off
     protostack=netkey
conn o2s
     authby=secret
     left=192.168.252.200
     leftid=@rome
     leftsubnet=10.254.31.0/24
     right=192.168.252.89
     rightid=@tiazel
     rightsubnet=10.254.32.0/24
     ike=aes256gcm128-prfsha256-modp4096
     phase2alg=aes256gcm128-prfsha256-modp4096
     auto=start
  • cat /etc/ipsec.secrets
@tiazel @rome  : PSK "suxer"

Links

Abgerufen von „http://wiki.ixheim.de/index.php?title=Strongswan-openswan-psk&oldid=51692