Mailinglist Archive: opensuse-security (220 mails)

< Previous Next >
Re: [suse-security] FreeSwan <-> CheckPoint
  • From: "Thorsten Marquardt" <thom@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 4 Nov 2003 20:12:10 +0000 (MEST)
  • Message-id: <200311042012.UAA27508@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Dear Carl,

>
> You don't have to change ipsec.conf
>
> Instead change ipsec.secrets
>
> Where you have a line that says...
>
> aaa.bbb.ccc.ddd www.xxx.yyy.zzz : PSK "Rumpelstielzchen"
>
>
> I am assuming that aaa.bbb.ccc.ddd is the external (internet) IP address of
> the Checkpoint box and www.xxx.yyy.zzz is the external (internet) IP address
> of your Freeswan gateway?

yes you're right.

> I can't see what you have in your ipsec.conf for the leftid value because
> you have written
>
> leftid=@....
>
> ...that's fine - no point in telling mailing list private details! Just use
> whatever you have there in your ipsec.secrets file instead of the external
> (internet) IP address of your Freeswan gateway. Make sure to include the @
> symbol as well!!
>
> So your ipsec.secrets file will look something like...
>
>
>
>
>
> # Must be same on both; generate on one and copy to the other.
> aaa.bbb.ccc.ddd @.... : PSK "Rumpelstielzchen"

I did so. but we have to wait. My counterpart is out of office till tomorrow :-(

> Then try to bring up the connection again and tell us what happens!
>

I'll do so.

Thanks

Thom

--

-------------------------------------------------------------------
bye bye (c) by Thom | Thorsten Marquardt
| EMail: THOM@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
| Member of the pzt project.
| http://kaupp.chemie.uni-oldenburg.de/pzt
-------------------------------------------------------------------



< Previous Next >
References