Hosting Provided By

[Users] FreeSwan setup left and right question.

From: Calvin <calvinproject(at)ihug.com.au>
Date: Thu Mar 27 2003 - 05:26:01 EST

Dear all,

I read the post "My FreeS/WAN 1.5 setup diary", http://www.sandelman.ottawa.on.ca/linux-ipsec/html/2000/11/msg00571.html

It has a very detail instruction, but there are something I can understand about the left and right IP in ipsec.conf.

the network setting in the guide is:

| JERSEY | local (right) client (win98 celeron laptop)

eth0 192.168.1.2
|
|

eth1 192.168.1.1

| MOSKOVA | local (right) gateway and freeswan 1.5 server (redhat 6.2 p90)

eth0 172.16.2.2
|
|

eth0 172.16.2.1

| JOLO | router (redhat 6.2 celeron)

eth1 172.16.1.1
|
|

eth0 172.16.1.2

| OKINAWA | remote(left) gateway and freeswan 1.5 server (redhat 6.2 p100)

eth1 10.1.2.1
|
|

eth0 10.1.2.2

| MMA | remote (left) client (redhat 6.2 p200)

the 172.16.1.0 and 172.16.2.0 nets to simulate the public internet and the 10.1.2.0 and 192.168.1.0 to be private local networks.

In the Moskova ipsec.conf, the setting like this: I made Moskova's /etc/ipsec.conf look like:

config setup

        interfaces="ipsec0=eth0"
        klipsdebug=none
        plutodebug=none
        plutoload=%search
        plutostart=%search

# sample connection
conn okinawa-moskova

        left=172.16.0.2
        leftsubnet=10.0.0.0/24
        leftnexthop=172.16.0.1
        right=172.16.9.2
        rightsubnet=10.0.3.0/24
        rightnexthop=172.16.9.1
        keyingtries=0
        auth=esp
        authby=rsasig

I really don;t understand where the IP address for left and right come from, could anyone please tell me whY?
and also the leftnexthop and rightnext hop address, why is like that?

What will be the difference if there is no JOLO(router) in between the 2 Gateways? i.e. a cross over cable connecting 2 gateways.

Do you need help?

Thanks very much for allllll your helps.

Calvin

Users mailing list
Users@lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users Received on Thu Mar 27 08:57:37 2003

This message: [ Message body ]
Next message: tian.xuenong.ZTE_LTD(at)zte.com.cn: "[Users] (no subject)"
Previous message: Perl(at)smk-gmbh.de: "[Users] Need help on error AUTHENTICATION_FAILED"
Next in thread: Christoph Haas: "Re: [Users] FreeSwan setup left and right question."
Reply: Christoph Haas: "Re: [Users] FreeSwan setup left and right question."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:01:11 EDT