[Swan] Adding host to subnet VPN

Alex mysqlstudent at gmail.com
Tue Feb 23 01:41:42 UTC 2016


Hi,

>> Can I just leave out the subnet declarations where they're not
>> necessary? Assuming 'arcade' (23.227.181.206) was the name of the
>> roadwarrior host and its default route is 23.227.181.193:
>>
>> conn VPN-DGHQ-DGXO-2
>>     auto=start
>>     left=68.111.193.42
>>     leftnexthop=68.111.193.41
>>     leftsubnet=192.168.1.0/24
>>     leftid="@C=US, ST=New Jersey, L=Newark, O=My Company Inc, CN=orion.example.com"
>
> Here you have a problem. When an ID starts with @, it's ID type FQDN.
> But your ID is really ID_DER_ASN1_DN type, a certificate subject.
> Remove the "@" character.

This is actually the configuration I have from a working system. I'll
remove the @, but the problem I'm having now is with creating a new
certificate for another host.

I'm confused about the newhostkey part. Can someone help me with the
steps needed to create the host key and certificate?

I've read through the NSS HOWTO, and I don't understand :-(

Thanks,
Alex

