From: Peter Teslenko <inkyspot@home.ru>
To: Igor Solovyov <community@altlinux.ru>
Subject: Re[4]: [Comm] FreeS/WAN
Date: Tue, 27 Jul 2004 11:54:01 +0400
Message-ID: <4451811828.20040727115401@home.ru> (raw)
In-Reply-To: <20040727081606.1b9e64b1.gosha@anti.su>
Hello Igor,
Tuesday, July 27, 2004, 6:16:06 AM, you wrote:
IS> Hi!
IS> On Mon, 26 Jul 2004 21:34:57 +0400
IS> Peter Teslenko <inkyspot@home.ru> wrote:
>> >> Кто поднимал эту конструкцию?
>> >>
>> >> Имею
>> >>
>> >> Linux1 eth0 - real i-net ip
>> >> eth1 - 192.168.1.1/24
>> >> eth1:1 - 192.168.2.1.24
>> >>
>> >> Linux2 eth0 - real i-net ip
>> >> eth1 - 192.168.4.1/24
>> >>
>> >> хочу дать возможность юзерам из сети 192.168.4.0/24 ходить на сервер
>> >> 192.168.1.3
>>
>> MT> Не рви треды.
>> MT> Это самый что ни на есть заурядный туннель :)
>>
>> Мне нужен не заурядный, а криптованный.
IS> На самом деле это и есть заурядный криптованный туннель. :-)
IS> А что не получается? Я делал все по доке. Прекрасно работает.
IS> Покажи свои /etc/ipsec.conf и /etc/ipsec.secrets тогда и
IS> советы будут более дельные.
/etc/ipsec.conf
# basic configuration
config setup
# Debug-logging controls: "none" for (almost) none, "all" for lots.
# klipsdebug=all
# plutodebug=dns
# Add connections here.
conn mcicb-to-kirza
left=81.23.107.58
leftsubnet=192.168.1.0/24
leftid=@relay.mcbfa.ru
leftrsasigkey="0sAQNzHP0pa0/678P1Un0APvUe8NHlYrZm9PNfZ3lC684vD6Zo1lsBFzKEfSHBx7eTjqiLycNzR2bS1Bl7dmBF+rMaxTa1XbYPwCVnCD8XYzBbwer
leftnexthop=81.23.107.57
right=82.140.78.50
rightsubnet=192.168.4.0/24
rightid=@kirza
rightrsasigkey="0sAQObjjBqQtAWvNpEDZmZntS3QLGrJaATQttAhUxBOQolDBHyfqtwhmjAyDzzZdmgkrYpL8huNZBiWqKUg+HjbccZLolcC1qkWuXRKN5HZHSQ4a
rightnexthop=82.140.78.49
auto=start
/etc/ipsec.secrets
: RSA {
# RSA 3536 bits relay Tue Jul 20 13:44:52 2004
# for signatures only, UNSAFE FOR ENCRYPTION
#pubkey=0sAQNzHP0pa0/678P1Un0APvUe8NHlYrZm9PNfZ3lC684vD6Zo1lsBFzKEfSHBx7eTjqiLycNzR2bS1Bl7dmBF+rMaxTa1XbYPwCVnCD8XYzBbwerI9F
Modulus: 0x731cfd296b4ffaefc3f5527d003ef51ef0d1e562b666f4f35f677942ebce2f0fa668d65b011732847d21c1c7b7938ea88bc9c3734766d2d41
PublicExponent: 0x03
# everything after this point is secret
PrivateExponent: 0x132f7f86e737ff27f5fe386a2ab528da7d7850e5c91128d33a913ee07ca25d2d4666ce64802e886b6a304af69e9897c6c1f6f5e88
Prime1: 0xcc54bea773a87d6b072e03f631849bf45e2c417b1baa1e085ae3de54696a8619dc81e2ee75dc5f627ae2f0b19340ed30881b09adee5480c477
Prime2: 0x9038c7aef5568225d6d9dc9ecba5399d973c2a33c7151ef7cebb38158251c9d9699a6ec07aa6790930cd031a240fff0f8abda9b3819ffabdd9
Exponent1: 0x88387f1a4d1afe475a1ead4ecbadbd4d941d80fcbd1c140591ed3ee2f0f1aebbe8569749a3e83f96fc974b210cd5f375b0120673f43855d
Exponent2: 0x6025da74a38f016e8f3be869dd18d113ba281c2284b8bf4fdf277ab9018bdbe64666f48051c450b0cb335766c2b554b507291bcd011551d
Coefficient: 0x59ac7569cf05e1748a687688d743536c47d6edbabfe8f361783209414e1f54bd196d9623f02743fcdfaf7e291c86cb0aca379200eea35
}
# do not change the indenting of that "}"
--
Peter Teslenko
next prev parent reply other threads:[~2004-07-27 7:54 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-07-20 9:14 [Comm] Создание всех jabber-пользователей скопом community
2004-07-20 9:22 ` Mike Lykov
2004-07-20 9:38 ` community
2004-07-26 14:12 ` [Comm] FreeS/WAN Peter Teslenko
2004-07-26 14:57 ` Maxim Tyurin
2004-07-26 17:34 ` Re[2]: " Peter Teslenko
2004-07-27 2:16 ` Igor Solovyov
2004-07-27 7:54 ` Peter Teslenko [this message]
2004-07-29 9:28 ` Re[4]: " Peter Teslenko
2004-07-29 11:35 ` Igor Solovyov
2004-08-08 12:44 ` Maxim Tyurin
2004-08-08 14:57 ` Igor Solovyov
2004-07-29 13:36 ` Re[5]: " Peter Teslenko
2004-07-31 5:04 ` Re[6]: " Dmitry Vodennikov
2004-07-27 3:37 ` Re[3]: " Dmitry Vodennikov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4451811828.20040727115401@home.ru \
--to=inkyspot@home.ru \
--cc=community@altlinux.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Community general discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
public-inbox-index community
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.community
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git