Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick to Openswan Strongswan IPsec (Howto): Difference between revisions

← Older editNewer edit →
Content deleted Content added
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,619 edits
AA-Andrew (talk | contribs)
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,619 edits
mNo edit summary
Line 24: Line 24:


in: myFireBrick.secrets:
in: myFireBrick.secrets:
CentOS.IP.Address FireBrick.IP.Address : PSK "yourpasswordhere"
CentOS.IP.Address FireBrick.IP.Address : PSK "YourSecretHere"


chkconfig ipsec on
chkconfig ipsec on
Line 30: Line 30:


Put the following in the FB at the other end:
Put the following in the FB at the other end:
<connection name="IPSec" peer-ips=CentOS.IP.Address" auth-method="Secret" secret="yoursecrethere" internal-ipv4="FireBrick.LAN.IP.Address" routes="CentOS.IP.Address" log="default"/>
<connection name="IPSec" peer-ips=CentOS.IP.Address" auth-method="Secret" secret="YourSecretHere" internal-ipv4="FireBrick.LAN.IP.Address" routes="CentOS.IP.Address" log="default"/>




=strongSwan=

file: /etc/ipsec.conf

conn myFireBrick
authby=secret
auto=start
left=strongSwan.IP
leftid=strongSwan.IP
leftsubnet=strongSwan.IP
right=FireBrick.IP
rightid=FireBrick.IP
rightsubnet=SUBNET.ON.FireBrick.LAN
lifetime=2m

file: /etc/ipsec.secrets

strongSwan.IP FireBrick.IP : PSK "YourSecretHere"




Retrieved from "http://support.aa.net.uk/FireBrick_to_Openswan_Strongswan_IPsec_(Howto)"