Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: glenn kennedy on December 18, 2000, 12:06:29 AM

Title: freeswan vpn
Post by: glenn kennedy on December 18, 2000, 12:06:29 AM

has anyone got freeswan working using jeb campbell's rpm? i've installed it, looks like it is working, but could really use some help with testing and cross-subnet browsing configuration.

much appreciated,

glenn kennedy

Title: RE: freeswan vpn
Post by: Jeb Campbell on December 21, 2000, 12:33:49 PM

To make life easier I've made a script called freeswan-script at http://jebc.dyndns.org.  You will need to edit where ipsec is (/usr/sbin/ipsec). And when it asks if you want to install, say no unless you have setup rsa authentication from you to the gateways.  

The problem above is due to config file problems and ipchains.  The script will make great config files, and the ipchains is taken care of by editing the 39ipsec-net file, expanding, and then making sure that that rule above is loaded before the MASQ'ing rule.

Again, any questions or comments can be mailed to jebc@utk.edu

Thanks,

Jeb

Title: RE: freeswan vpn
Post by: hanscees on January 05, 2001, 07:18:00 PM

Hello,
I have been looking at the freeswan pages and they are really great, lots of info. My question is how you manage your keys. Do you use them in the dns server included or in some other way?

hc