Re: [suse-security] how to enable ipsec over firewall?
Just that the current snapshot of the documentation is outdated. I don't know if they refer to 2.0 or 1.x but in 1.98b there is definitely no ipsec verify command. To be honest, i don't even know what teh author means by "
Ask your ISP to publish these records in your reverse map.
". And what is a left subnet?
Looks af if i would do good by subscribing the Free/Swan mailing list, too.
Left subnet is the subnet behind the left vpn-gateway, vice versa with the right. It does not matter which side is left, freeswan determines it by check ips and route if your nics. The check tool for freeswan is ipsec (in my case /sbin/ipsec) you can do "ipsec eroute" to check connections state Check that out: 1. Jürgen Schmidt (ju) Die Internet-WG Private Netze über Internet und IPSec verbinden Praxis, Private Netze mit IPSec verbinden, FreeS/WAN, X.509, IPSec c't 16/02, Seite 164 Yours Michael
1. Jürgen Schmidt (ju) Die Internet-WG Private Netze über Internet und IPSec verbinden Praxis, Private Netze mit IPSec verbinden, FreeS/WAN, X.509, IPSec c't 16/02, Seite 164
Ho be honest, I'd prefer masquarading instead of NAT (sorry, i used to use those terms synonymously)... do need Free S/Wan then? In the HowTo (http://www.tldp.org/HOWTO/VPN-Masquerade-HOWTO.html) they speak about a kernel patch or module, too, but this one seems to be a different one. How would I do VPN masquarading with Suse Linux? Thanks Jochen
participants (2)
-
GentooRulez
-
Jochen Staerk