|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
[Design] a question about x509cert
From: yli <yli(at)ict.ac.cn>
Date: Thu Mar 13 2003 - 04:29:14 EST
Design mailing list
Design@lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/design Received on Thu Mar 13 07:09:16 2003
Date: Thu Mar 13 2003 - 04:29:14 EST
Hello,
I have attempted to build a secure channel between two hosts locating in the same local net. my ipsec.conf for two hosts are designed like following:
ipsec.conf for host (10.10.10.112)
config setup
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
uniqueids=yes
conn %default
keyingtries=1
compress=yes
disablearrivalcheck=no
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
conn one-one
right=10.10.10.114
rightid="####"
# local host is left
left=10.10.10.112
leftcert=x509cert_no1.der
auto=add
pfs=yes
ipsec.conf for host (10.10.10.114)
config setup
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
uniqueids=yes
conn %default
keyingtries=0
compress=yes
disablearrivalcheck=no
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
conn one-one
left=10.10.10.112
leftcert=x509cert_no1.der
right=10.10.10.114
rightcert=x509cert_no3.der
auto=add
pfs=yes
but when I executed command line with
# ipsec auto --up one-one
I also get the same error report such as
"no suitable connection for peer '#####$$'"
Please help me to find the cause of that error!
Thank you in advance!
Liying
Design mailing list
Design@lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/design Received on Thu Mar 13 07:09:16 2003
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:59:57 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |