[Swan] ipsec tunnel between 2 hosts on same switch

Paul Wouters paul at nohats.ca
Sun Oct 19 22:43:47 EEST 2014


On Thu, 16 Oct 2014, bmoyni01 at vodafone.ie wrote:

> I have the following on each machine.
>
> ipsec.conf
>
> config setup
>    protostack=netkey
>    nat_traversal=yes
>    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10
>
> conn ipsec0
>    type=tunnel
>    authby=secret
>    auto=start
>    left=192.168.30.51
>    leftid=@left.com
>    right=192.168.30.50
>    rightid=@right.com
>
> ipsec.secrets
> %any %any : PSK "preshared key"

> 022 "ipsec0": We cannot identify ourselves with either end of this connection.

There were some startup issues with orienting and working with systemd.
Can you try this with libreswan-3.11rc4?

https://download.libreswan.org/development/


> I have read this example:
> https://libreswan.org/wiki/Host_to_host_VPN_with_PSK

> In the Host to host VPN with PSK example:
> 192.0.2.254/24 eth0 WEST eth1 192.1.2.23 --[internet]-- 192.1.2.45 eth1 EAST eth0 192.0.1.254/24
> Are 192.1.2.23  and 192.1.2.45 default gateways?

No, in those examples both have a default gateway of 192.1.2.254.

> Does this even matter when it's host to host on same switch?

Nope :)

> Is the example based on 2 hosts in the same LAN?

Yes, the example has two hosts in the LAN 192.1.2.0/24.

Paul
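
Added example, not part of the original thread and not libreswan code: an offline check of the orientation step behind the quoted error, where pluto has to find `left=` or `right=` on a local interface address. The helper names `parse_conns` and `orient` are hypothetical, and the list of local addresses is supplied by the caller (for instance collected from `ip -o addr show`).

```python
import ipaddress

# Constructed sample: the conn section from the quoted ipsec.conf above.
SAMPLE_CONF = """\
config setup
   protostack=netkey

conn ipsec0
   type=tunnel
   authby=secret
   auto=start
   left=192.168.30.51
   leftid=@left.com
   right=192.168.30.50
   rightid=@right.com
"""

def parse_conns(text):
    """Return {conn_name: {key: value}} from ipsec.conf-style text."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        if not raw[0].isspace():                  # section header at column 0
            parts = line.split()
            is_conn = parts[0] == "conn" and len(parts) == 2
            current = conns.setdefault(parts[1], {}) if is_conn else None
        elif current is not None and "=" in line:  # indented key=value in a conn
            key, value = line.strip().split("=", 1)
            current[key.strip()] = value.strip()
    return conns

def orient(conn, local_addrs):
    """Return the ends ('left'/'right') whose address is configured locally."""
    local = {ipaddress.ip_address(a) for a in local_addrs}
    ends = []
    for end in ("left", "right"):
        try:
            if ipaddress.ip_address(conn.get(end, "")) in local:
                ends.append(end)
        except ValueError:
            # Hostnames and %-keywords are not resolved by this sketch.
            pass
    return ends
```

An empty result is the condition reported as "We cannot identify ourselves with either end of this connection", for example when the check runs before the interface has its address.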

