[Swan] net-to-net for road warriors
Derek Cameron
dcamero2016 at gmail.com
Thu Jan 24 16:17:24 UTC 2019
I did some experiments with Fedora 28. The instructions in the RHEL 7
Security Guide, section 4.6.3, "Creating Host-To-Host VPN Using
Libreswan," suggest you can just use:
    ipsec newhostkey
I tried this, but it did not work. I got the problem that it cannot
find its own key. Instead I had to use the form given in the "Host to
host VPN" configuration example on the website, i.e.:
    ipsec newhostkey --output /etc/ipsec.secrets
That created the correct entry in /etc/ipsec.secrets. Once I had
started ipsec on both ends, I was able to check that the tunnel was up
with:
    ipsec auto --start mytunnel
    ping OTHER.SERVER.IP.ADDRESS
    ipsec whack --trafficstatus
On Thu, Jan 24, 2019 at 6:34 AM Alex <mysqlstudent at gmail.com> wrote:
>
> > > At some point I thought it was working. Is there a known problem with
> > > using RSA keys? Any idea why it can't find its own private key?