Re: Strongswan (fwd)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On Fri, 30 Jan 2009, Roger Grosswiler wrote:
>
>> installing ipsec-tools brings you one tab more in
>> system-config-network, where you can go and create h2h and
>> n2n-connections. Still it is not in the same place as the 2 others,
>> which makes usability harder.
>
> Ahhh. That is the old racoon/ipsec-tools. Even RedHat has moved away
> from that and towards Openswan for that.
>
> Paul
>
Oki Paul, just to get it, i tried again the Roadwarrior-Configuration from Openswans
Homepage.

I activated the include from ipsec.conf, as i inserted a client.conf on the client side
and a server.conf on the server-side :)

Service ipsec starts. Then, trying to connect using ipsec auto --up road fails. In the
logs, i see the following:

UNKNOWN: Feb  1 14:12:10 server pluto[22104]: "road"[21] 192.168.3.116 #21: no RSA
public key known for '@mydomain.net'

and

Peer road[456] caused 16 lines of output.
         connected from:192.168.3.116
         Keyed: 0 successes 1 failures (max retries: 0)
         IPsec SAs: 0

What do those messages mean?

from server and client, i just copied the output from the rightsigkey or leftsigkey
(which are on the machine both the same?) using ipsec showhostkey --left/right into the
according configs. Or do i have to copy the whole bunch of lines of the key? My machines
are FQDN via DNS, but not on local name resolution. So asking my server via dns brings
server@xxxxxxxxxxxx, the entry in the resolv.conf is without the domain-part.


Thanks for your help.

Roger

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux