From: Daniel Tombeil (dt_at_admindu.de)
Date: Thu Nov 07 2002 - 09:33:37 CET
Hi,
I have some Problem with "auto=start". I included it into default section of
my ipsec.conf file but after a ipsec setup restart I can't open the tunnel by
just pinging the other end's LAN. I need to to a ipsec auto --up <conn> befor.
Did something change in this part of FreeSWAN. I bet it worked with 1.95.
I'm now using. FreeSWAN 1.97 with X.509 0.9.11. I also tried to put the
auto=start directly in the conn description. No success.
Thanx for any help :)
My ipsec.conf looks like this:
# basic configuration
config setup
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
plutoload=%search
uniqueids=yes
# default values for the connection descriptions that follow
conn %default
keyingtries=0
disablearrivalcheck=no
keyexchange=ike
ikelifetime=240m
keylife=60m
compress=no
pfs=yes
authby=rsasig
right=%any
rightrsasigkey=%cert
leftrsasigkey=%cert
leftcert=ipsecCert.pem
left=xxx.xxx.xxx.xxx
leftnexthop=xxx.xxx.xxx.xxx
auto=start
conn x1200
type=tunnel
leftsubnet=192.168.3.0/24
right=xxx.xxx.xxx.xxx
rightsubnet=192.168.100.0/24
rightid=bla_at_blubb.com
rightcert=cert.pem
best regards
Daniel
-- Daniel Tombeil | Proud member of www.admindu.de email: dt_at_admindu.de | www: http://daniel.home-of-the-dudes.com Admindu.de Webmail Services powered by Open WebMail Project (http://openwebmail.org) _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Mon Nov 11 2002 - 05:20:37 CET