[strongSwan] Cannot do IKEv1/PSK Main Mode in Cisco C7200

Somaye Khaleghi somayekhaleghi at gmail.com
Thu May 30 08:32:35 CEST 2013


i finaly soled it problem, my configs are :


cisco config is :
Router1#
hostname Router1
crypto isakmp policy 5
encr 3des
hash md5
authentication pre-share
group 2
lifetime 3600
crypto isakmp key 123456 address 192.168.0.1

!
crypto ipsec transform-set MINE esp-3des esp-md5
!

ip access-list extended IPSEC
permit ip 10.2.0.0 0.0.255.255 10.1.0.0 0.0.255.255


!
crypto map MYMAP 10 Ipsec-isakmp
----set security-association lifetime seconds 3600
set peer 192.168.0.1
set transform-set MINE
match address IPSEC
!
!
!
!
interface fastEthernet1/1
ip address 192.168.0.2 255.255.255.0
no shutdown
duplex auto
speed auto
crypto map MYMAP
!
interface Ethernet1/0
ip address 10.2.0.1 255.255.0.0
duplex auto
speed auto
no shutdown

!
ip route 0.0.0.0 0.0.0.0 192.168.0.1
!
!




Linux config i s:

# /etc/ipsec.conf - strongSwan IPsec configuration file

config setup

conn %default
ikelifetime=3600s
keylife=3600s
keyexchange=ikev1
authby=secret

conn net-net
left=192.168.0.1
leftsubnet=10.1.0.0/16
leftfirewall=yes
right=192.168.0.2
rightsubnet=10.2.0.0/16
ike=3des-md5-modp1024
esp=3des-md5
type=tunnel
auto=start








*
*
*
*
*
*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130530/05ff66ec/attachment.html>


More information about the Users mailing list