Re[4]: [Comm] FreeS/WAN - Peter Teslenko

ALT Linux Community general discussions
 help / color / mirror / Atom feed

From: Peter Teslenko <inkyspot@home.ru>
To: Igor Solovyov <community@altlinux.ru>
Subject: Re[4]: [Comm] FreeS/WAN
Date: Tue, 27 Jul 2004 11:54:01 +0400
Message-ID: <4451811828.20040727115401@home.ru> (raw)
In-Reply-To: <20040727081606.1b9e64b1.gosha@anti.su>

Hello Igor,

Tuesday, July 27, 2004, 6:16:06 AM, you wrote:

IS> Hi!
IS> On Mon, 26 Jul 2004 21:34:57 +0400
IS> Peter Teslenko <inkyspot@home.ru> wrote:

>> >> Кто поднимал эту конструкцию?
>> >> 
>> >> Имею
>> >> 
>> >> Linux1 eth0 - real i-net ip
>> >>        eth1 - 192.168.1.1/24
>> >>        eth1:1 - 192.168.2.1.24
>> >> 
>> >> Linux2 eth0 - real i-net ip
>> >>        eth1 - 192.168.4.1/24
>> >> 
>> >> хочу дать возможность юзерам из сети 192.168.4.0/24 ходить на сервер
>> >> 192.168.1.3
>> 
>> MT> Не рви треды.
>> MT> Это самый что ни на есть заурядный туннель :)
>> 
>> Мне нужен не заурядный, а криптованный.

IS> На самом деле это и есть заурядный криптованный туннель. :-)
IS> А что не получается? Я делал все по доке. Прекрасно работает.
IS> Покажи свои /etc/ipsec.conf и /etc/ipsec.secrets тогда и
IS> советы будут более дельные.

/etc/ipsec.conf
# basic configuration
config setup
        # Debug-logging controls:  "none" for (almost) none, "all" for lots.
        # klipsdebug=all
        # plutodebug=dns


# Add connections here.

conn mcicb-to-kirza
    left=81.23.107.58
    leftsubnet=192.168.1.0/24
    leftid=@relay.mcbfa.ru
    leftrsasigkey="0sAQNzHP0pa0/678P1Un0APvUe8NHlYrZm9PNfZ3lC684vD6Zo1lsBFzKEfSHBx7eTjqiLycNzR2bS1Bl7dmBF+rMaxTa1XbYPwCVnCD8XYzBbwer
    leftnexthop=81.23.107.57
    right=82.140.78.50
    rightsubnet=192.168.4.0/24
    rightid=@kirza
    rightrsasigkey="0sAQObjjBqQtAWvNpEDZmZntS3QLGrJaATQttAhUxBOQolDBHyfqtwhmjAyDzzZdmgkrYpL8huNZBiWqKUg+HjbccZLolcC1qkWuXRKN5HZHSQ4a
    rightnexthop=82.140.78.49
    auto=start


/etc/ipsec.secrets

: RSA   {
        # RSA 3536 bits   relay   Tue Jul 20 13:44:52 2004
        # for signatures only, UNSAFE FOR ENCRYPTION
        #pubkey=0sAQNzHP0pa0/678P1Un0APvUe8NHlYrZm9PNfZ3lC684vD6Zo1lsBFzKEfSHBx7eTjqiLycNzR2bS1Bl7dmBF+rMaxTa1XbYPwCVnCD8XYzBbwerI9F
        Modulus: 0x731cfd296b4ffaefc3f5527d003ef51ef0d1e562b666f4f35f677942ebce2f0fa668d65b011732847d21c1c7b7938ea88bc9c3734766d2d41
        PublicExponent: 0x03
        # everything after this point is secret
        PrivateExponent: 0x132f7f86e737ff27f5fe386a2ab528da7d7850e5c91128d33a913ee07ca25d2d4666ce64802e886b6a304af69e9897c6c1f6f5e88
        Prime1: 0xcc54bea773a87d6b072e03f631849bf45e2c417b1baa1e085ae3de54696a8619dc81e2ee75dc5f627ae2f0b19340ed30881b09adee5480c477
        Prime2: 0x9038c7aef5568225d6d9dc9ecba5399d973c2a33c7151ef7cebb38158251c9d9699a6ec07aa6790930cd031a240fff0f8abda9b3819ffabdd9
        Exponent1: 0x88387f1a4d1afe475a1ead4ecbadbd4d941d80fcbd1c140591ed3ee2f0f1aebbe8569749a3e83f96fc974b210cd5f375b0120673f43855d
        Exponent2: 0x6025da74a38f016e8f3be869dd18d113ba281c2284b8bf4fdf277ab9018bdbe64666f48051c450b0cb335766c2b554b507291bcd011551d
        Coefficient: 0x59ac7569cf05e1748a687688d743536c47d6edbabfe8f361783209414e1f54bd196d9623f02743fcdfaf7e291c86cb0aca379200eea35
        }
# do not change the indenting of that "}"


-- 
Peter Teslenko

next prev parent reply	other threads:[~2004-07-27  7:54 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-07-20  9:14 [Comm] Создание всех jabber-пользователей скопом community
2004-07-20  9:22 ` Mike Lykov
2004-07-20  9:38   ` community
2004-07-26 14:12     ` [Comm] FreeS/WAN Peter Teslenko
2004-07-26 14:57       ` Maxim Tyurin
2004-07-26 17:34         ` Re[2]: " Peter Teslenko
2004-07-27  2:16           ` Igor Solovyov
2004-07-27  7:54             ` Peter Teslenko [this message]
2004-07-29  9:28             ` Re[4]: " Peter Teslenko
2004-07-29 11:35               ` Igor Solovyov
2004-08-08 12:44                 ` Maxim Tyurin
2004-08-08 14:57                   ` Igor Solovyov
2004-07-29 13:36               ` Re[5]: " Peter Teslenko
2004-07-31  5:04                 ` Re[6]: " Dmitry Vodennikov
2004-07-27  3:37           ` Re[3]: " Dmitry Vodennikov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4451811828.20040727115401@home.ru \
    --to=inkyspot@home.ru \
    --cc=community@altlinux.ru \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

ALT Linux Community general discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
		mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
	public-inbox-index community

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.community


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git