[strongSwan] StrongSwan Setup Questions

Chris Arnold carnold at electrichendrix.com
Sat Mar 31 01:00:57 CEST 2012


>Hello Chris,
Hello and thank you for your replies

>have a look at the wiki, i.e.
>http://wiki.strongswan.org/projects/strongswan/wiki/IKEv2Examples#Site-to-Site
I found the example and i need a host to host. A few more questions:
-When following http://www.strongswan.org/uml/testresults/ikev2/host2host-cert/moon.ipsec.conf
how do i get the moonCert.pem?
-What ports do i need to open on both firewalls (the servers are not running a software firewall)? 500 and 4500?
-Where is the authlog located?


Am 31.03.2012 00:16, schrieb Chris Arnold:
> StrongSwan 4.4.06 on 2 SLES11 SP2 servers. I need a site-to-site 
> how-to (this link, 
> http://www.strongswan.org/docs/readme4.htm#section_2.1 is outdated 
> and i do not see a updated site to site how to) and 1 server will 
> have roadwarriors connecting to it (would like to do this with RSA 
> authentication with X.509 certificate). 1 server is behind a 
> netgear wndr3700 router/firewall and 1 server is behind a
> sonicwall tz180w. Where can i find the appropriate info on how to
> do this?
> 
> _______________________________________________ Users mailing list
>  Users at lists.strongswan.org 
> https://lists.strongswan.org/mailman/listinfo/users


- - --
Julian Poschmann
Zeppelinstr. 31
52068 Aachen

Telefon: +49 170 3295135
E-Mail: julian.poschmannn at rwth-aachen.de
PGP-ID: 0x7D51DD8B
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iEYEARECAAYFAk92Mb4ACgkQJmSm8H1R3YscNwCgmnZ+2f7L86MOotjFKsEbLqMi
MoEAn1bEEpWLKxmtASySng+muN89BWnn
=73+L
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iEYEARECAAYFAk92Me0ACgkQJmSm8H1R3Yv7XQCgkJhRRArUTus/dJYhMZ0Wmp+t
9LUAoIluSp5Dn1UUCb1KuVtuoyYgdGlu
=yzQY
-----END PGP SIGNATURE-----

_______________________________________________
Users mailing list
Users at lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users




More information about the Users mailing list