Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Rob Wellesley on October 14, 2002, 01:25:14 PM
-
Hi all
I have an Ipsec-freesWAN going great - ping, map shares, etc. are fine - however i can't get rsync to work across the WAN -
192.168.10.X and 192.168.1.X are the subnets - both are defined in the LOCAL NETWORKS panel.
I want to copy the contents of a directory on one SME in one subnet to a backup directory on an SME on the other subnet
(mounting a smbfs share across the subnets doesn't work either which is weird given that //server/share works fine for drive mapping)
Any ideas?
TIA rob
-
Hi Rob et al.
I've stumbled when trying to install the Ipsec - freesWAN on my v5.5up2.
I was using http://myezserver.com/downloads/mitel/contrib/freeswan-0.4/freeswan-howto.html
My problem is that the RSA key is not displayed in the new IPsecVPN server-manager panel. And I get this line in the message log
Oct 13 20:50:02 ipsec__plutorun: 003 "/etc/ipsec.secrets" line 24: Modulus keyword not found where expected in RSA key
Did you need to do any work configuring RSA encryption when installing freesWAN.
ssh is working fine between my boxes using DSA keys.
Whats the difference in application of DSA & RSA keys?
Many thanks
David
-
David,
To fix the RSA key not being displayed do the following:
edit /etc/e-smith/templates/etc/ipsec.secrets/10RSAKey
look for
@args = ("/usr/lib/ipsec/ipsec", "rsasigkey", "2048");
$result .= /usr/lib/ipsec/ipsec rsasigkey 2048;
and change them to read
@args = ("/usr/local/lib/ipsec/ipsec", "rsasigkey", "2048");
$result .= /usr/local/lib/ipsec/ipsec rsasigkey 2048;
then run /sbin/e-smith/signal-events ipsec-install
this will resolve the path issue.
-
Hi
Try this thread also
http://forums.contribs.org/index.php?topic=14375.msg54737#msg54737
We haven't moved to 5.5 for production servers.The Freeswan contrib goes fine on 5.1.2
also-
http://www.freeswan.org/freeswan_trees/freeswan-1.95/doc/config.html
If you want to DIY
rob