[Swan] Help!!
Antonios Katsouros
akatsourossony at gmail.com
Thu Jan 10 16:31:42 UTC 2019
yes its there!!!
this is
root at srv1:~# cat /etc/ipsec.conf
version 2.0
config setup
virtual-private=%v4:
10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.50.0.0/24,%v4:!10.50.1.0/24
protostack=netkey
interfaces=%defaultroute
uniqueids=no
conn shared
left=%defaultroute
leftid=195.95.65.10
right=%any
encapsulation=yes
authby=secret
pfs=no
rekey=no
keyingtries=5
dpddelay=30
dpdtimeout=120
dpdaction=clear
ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2
sha2-truncbug=yes
conn l2tp-psk
auto=add
leftprotoport=17/1701
rightprotoport=17/%any
type=transport
phase2=esp
also=shared
conn xauth-psk
auto=add
leftsubnet=0.0.0.0/0
*rightaddresspool=10.50.1.2-10.50.1.3 (by the way is there a way to
give a static in the other side??? i dont want pool)..*
modecfgdns="8.8.8.8 8.8.4.4"
leftxauthserver=yes
rightxauthclient=yes
leftmodecfgserver=yes
rightmodecfgclient=yes
modecfgpull=yes
xauthby=file
ike-frag=yes
ikev2=never
cisco-unity=yes
also=shared
root at srv1:~#
Many thanks!!!
On Thu, Jan 10, 2019 at 7:23 PM Paul Wouters <paul at nohats.ca> wrote:
> On Thu, 10 Jan 2019, Antonios Katsouros wrote:
>
> > root at srv1:/etc/ipsec.d# ls
> > cert9.db key4.db passwd pkcs11.txt policies
>
> check /etc/ipsec.conf
>
> Paul
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20190110/8952eed1/attachment.html>
More information about the Swan
mailing list