On Sun, Feb 25 2007 at 06:20, c l wrote:
> Finally got this to work. Here's the config that ended up working.
>
> I'm not sure why I didn't notice before but the quick mode stuff wasn't
> setup correctly.
>
> ipsec.conf
> ike esp from 192.168.1.0/24 to 10.10.0.0/16 peer 2.2.2.2 \
>main
Ah. Disregard my last post. I didn't realize that the 'ipsec'
configuration specifies main mode (phase 1 negotiation) and quick
mode (phase 2 negotiation) in separate substatements. Good find.
That makes perfect sense.
Bill
On Feb 25, 2007, at 19:06, c l wrote:
Finally got this to work.
Finally got this to work. Here's the config that ended up working.
I'm not sure why I didn't notice before but the quick mode stuff wasn't
setup correctly.
ipsec.conf
ike esp from 192.168.1.0/24 to 10.10.0.0/16 peer 2.2.2.2 \
main auth hmac-sha1 enc 3des group modp768 \
quick au
3 matches
Mail list logo
