> From: linux-crypto-owner@xxxxxxxxxxxxxxx > [mailto:linux-crypto-owner@xxxxxxxxxxxxxxx] On Behalf Of > Nipper Lee-B04937 > Sent: Thursday, October 30, 2008 6:11 PM > > I have a simple strongswan example which works with talitos aes256, > but it uses ikev1 (pluto). > Barry, In case it provides any help, see below for ipsec.conf & ipsec.secrets for a tiny strongswan example which works with talitos doing the encryption/decryption. I'm using kernel 2.6.27 on 8349E MDS, and strongswan version 4.2.8. Lee ################################################## # /etc/ipsec.conf: version 2.0 config setup plutodebug=dns interfaces="ipsec0=eth1" conn hometooffice left=200.200.200.10 leftid="@home" leftsubnet=192.168.1.0/24 right=200.200.200.20 rightid="@office" rightsubnet=192.168.2.0/24 keyexchange=ikev1 pfs=yes authby=secret auto=add esp=aes256-sha2_256 conn officetohome left=200.200.200.20 leftid="@office" leftsubnet=192.168.2.0/24 right=200.200.200.10 rightid="@home" rightsubnet=192.168.1.0/24 keyexchange=ikev1 pfs=yes authby=secret auto=add esp=aes256-sha2_256 ################################################## # /etc/ipsec.secrets: # Format for psk: @self @peer PSK "secret" @home @office: PSK "secret1" -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
