[Users] key generation

• Next message: tjoen : "RE: [Users] installation freeswan on RedHat 7.3"
• Previous message: Ghislaine Labouret: "Re: [Users] Need help on interop linux-cisco"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello everybody!

My name is Yvette and we have just installed the FreeS/WAN
software to Linux at the Technical University in Budapest, but we
have some problems with configuration therefore we need some
help.

Our configuration is very simple.

ONLY 2 hosts (with names nec1, nec4) are connected with the
same configuration:
linux 7.3 RedHat with Kernel 2.4.18-3; FreeS/WAN 1.97 IPSec SW

On the 1. host (nec1) is also installed the SecDNS (BIND 9.2.0-8)

On the hosts manually generated public keys we've stored to the
DNS. The IPSec was starting and was requesting the public key
from the DNS. The ipsec.conf file contains parameters to keylife
and the ipsec should get the new key from the SecDNS after the
key expiration.
1. How to autmatically update the public key in the DNS?
2. Problem is the ipsec doesn't send the request to get new key
from DNS. Why?

We tried to stop the DNS on the nec1. The ipsec connection has
been still living but doesn't want to get new key regardless the
parameters values in ipsec.conf files.

I'm attaching the IPsec configuration files and outputs of nec1,
nec4, and the configurations file of BIND SecDNS.
(nec1info.zip, bind.zip, nec4info.zip)

Thank you for help.
Best regards.
Yvette

The following section of this message contains a file attachment
prepared for transmission using the Internet MIME message format.
If you are using Pegasus Mail, or any another MIME-compliant system,
you should be able to save it or view it from within your mailer.
If you cannot, please ask your system administrator for assistance.

   ---- File information -----------
     File: nec1info.zip
     Date: 30 May 2002, 11:04
     Size: 6129 bytes.
     Type: ZIP-archive

• Application/ZIP attachment: nec1info.zip

The following section of this message contains a file attachment
prepared for transmission using the Internet MIME message format.
If you are using Pegasus Mail, or any another MIME-compliant system,
you should be able to save it or view it from within your mailer.
If you cannot, please ask your system administrator for assistance.

   ---- File information -----------
     File: bind.zip
     Date: 30 May 2002, 11:02
     Size: 7947 bytes.
     Type: ZIP-archive

• Application/ZIP attachment: bind.zip

The following section of this message contains a file attachment
prepared for transmission using the Internet MIME message format.
If you are using Pegasus Mail, or any another MIME-compliant system,
you should be able to save it or view it from within your mailer.
If you cannot, please ask your system administrator for assistance.

   ---- File information -----------
     File: nec4info.zip
     Date: 30 May 2002, 11:04
     Size: 5801 bytes.
     Type: ZIP-archive

• Application/ZIP attachment: nec4info.zip

• Next message: tjoen : "RE: [Users] installation freeswan on RedHat 7.3"
• Previous message: Ghislaine Labouret: "Re: [Users] Need help on interop linux-cisco"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:08 CEST