[Users] ipsec.secrets question

From: CARTER, Roy (Roy.CARTER_at_birmingham.sema.slb.com)
Date: Tue Jan 14 2003 - 13:58:44 CET

• Next message: claudio_at_profiletecnologia.com.br: "[Users] Freeswan - Cisco"
• Previous message: John S. Denker: "Re: [Users] Multipath routing with Freeswan, possible?"
• Next in thread: Sam Sgro: "Re: [Users] ipsec.secrets question"
• Reply: Sam Sgro: "Re: [Users] ipsec.secrets question"
• Reply: Andreas Steffen: "Re: [Users] ipsec.secrets question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I have had a working ipsec tunnel between 2 Redhat 8.0 gateways for
sometime, all works well! I am now testing out connection to my gateway from
a freestanding Windows 2000 machine using Nate Carlson's howto. One of
Nate's instructions says:
1) Configure ipsec.secrets:

/etc/ipsec.secrets should contain the following (if you are running
FreeS/WAN older than 1.96, check the warning below!):

: RSA host.example.com.key "password"

The password above should be the password you entered while generating the
SSL certificate.

Also note that if you are running a version of FreeS/WAN older than 1.96
(with the 1.96 X.509 patches), the above command will not work -- you will
need to use fswcert to extract your private key to the ipsec.secrets file.

My ipsec.secrets file was not empty after the original install of freeswan
so I added the line mentioned above at the end of the file.

I now note in my "secure" log file that I get the message "multiple
ipsec.secrets entries with distinct secrets match endpoints: first secret
used". Should I care? What does this mean?

Regards

Roy

Roy Carter
Toolset Technologies
SchlumbergerSema NIS
Mob +44 7733 315428
Email : RPCarter_at_slb.com

_________________________________________________________
This email is confidential and intended solely for the use of the
individual to whom it is addressed. Any views or opinions presented are
solely those of the author and do not necessarily represent those of
SchlumbergerSema.
If you are not the intended recipient, be advised that you have received
this email in error and that any use, dissemination, forwarding, printing,
or copying of this email is strictly prohibited.

If you have received this email in error please notify the
SchlumbergerSema Helpdesk by telephone on +44 (0) 121 627 5600.
_________________________________________________________

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: claudio_at_profiletecnologia.com.br: "[Users] Freeswan - Cisco"
• Previous message: John S. Denker: "Re: [Users] Multipath routing with Freeswan, possible?"
• Next in thread: Sam Sgro: "Re: [Users] ipsec.secrets question"
• Reply: Sam Sgro: "Re: [Users] ipsec.secrets question"
• Reply: Andreas Steffen: "Re: [Users] ipsec.secrets question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Wed Jan 15 2003 - 20:11:39 CET