[Swan] Need debugging pointer between libreswan and ASA5550
Paul Wouters
pwouters at redhat.com
Fri Mar 8 19:46:50 EET 2013
On 03/08/2013 11:24 AM, T.J. Yang wrote:
> 1. new /etc/ipsec.conf with tabs, no pound signs, public ip masked.
> version 2.0
> config setup
> plutodebug="control parsing"
> plutostderrlog=/var/log/ipsec.log
> protostack=netkey
> nat_traversal=yes
> virtual_private=
> oe=no
> conn centos6-asa-net-net
> keyingtries=3
> authby=secret
> left=x.x.x..5
> leftsubnet=192.168.50.0/24 <http://192.168.50.0/24>
> leftsourceip=192.168.50.254
> right=x.x.x..4
> rightsubnet=192.168.40.0/24 <http://192.168.40.0/24>
> rightsourceip=192.168.40.254
> auto=start
> keyexchange=ike
> type=tunnel
> pfs=no
> phase2=esp
> phase2alg=3des-sha1
So what's the output of:
ipsec start
ipsec auto --add centos6-asa-net-net
ipsec auto --up centos6-asa-net-net
Paul
More information about the Swan
mailing list