Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Re: [suse-security] how to enable ipsec over firewall?
>Just that the current snapshot of the documentation is outdated. I don't
>know if they refer to 2.0 or 1.x but in 1.98b there is definitely no
>ipsec verify command.
>To be honest, i don't even know what teh author means by "
>
>Ask your ISP to publish these records in your reverse map.
>
>".
>And what is a left subnet?
>
>Looks af if i would do good by subscribing the Free/Swan mailing list, too.

Left subnet is the subnet behind the left vpn-gateway, vice versa with the
right.
It does not matter which side is left, freeswan determines it by check ips
and
route if your nics.

The check tool for freeswan is ipsec (in my case /sbin/ipsec)

you can do "ipsec eroute" to check connections state

Check that out:

1. Jürgen Schmidt (ju)
Die Internet-WG
Private Netze über Internet und IPSec verbinden
Praxis, Private Netze mit IPSec verbinden, FreeS/WAN, X.509, IPSec
c't 16/02, Seite 164

Yours

Michael



< Previous Next >
Follow Ups