[strongSwan] Parameters to connect to a Cisco 3000 series
vivek bairathi
bairathi.vivek at gmail.com
Wed Dec 14 17:23:13 CET 2011
Hi Hugo,
Your ipsec.conf and ipsec.secrets file shall look like following:
ipsec.conf:
config setup
charonstart =yes
plutostart = no
uniqueids=no
conn Cisco
ikelifetime=24h
keyexchange=ikev2
keyingtries=%forever
keylife=1h
mobike=no
reauth=no
rekeymargin=5m
ike=3des-sha1-modp1024!
esp=3des-sha1-modp1024!
left=y.y.y.y
right=x.x.x.x
authby=psk
auto=start
ipsec.secrets:
%any x.x.x.x : PSK "password"
On Tue, Dec 13, 2011 at 9:22 PM, Hugo Mora <humoib at gmail.com> wrote:
> Hi!
>
> I'm not an expert on VPNs (java programmer), but I need to connect using
> StrongSwan my company with a client via VPN. They have send me these
> parameters (see below)... Could someone pleeease translate these parameters
> to a ipsec.conf connection ??
>
> I know that the remote site is a CISCO VPN 3000 Series.
>
> Really, thank you so much! I can't buy a CISCO
>
>
> *IKE Parameters*
> Authentication: Preshared keys
> Authentication Algorithm: SHA/HMAC-160
> Encryption Algorithm: 3DES
> Diffie-Hellman Group: 2 (1024 bits)
> Lifetime Measurement: Time (86400) sec
> IKE peer: x.x.x.x
> Negotiation mode: main
>
> *IPSEC Parameters*
> Authentication Algorithm: ESP/SHA-HMAC-160
> Encryption Algorithm: 3DES
> Mode: Tunnel
> Lifetime Measurement: Time (3600) sec.
> PFS: Group 2 (1024 bits)
>
> Bye,
> --Hugo
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>
--
Regards,
Vivek Bairathi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20111214/67d9262f/attachment.html>
More information about the Users
mailing list