+ Responder ao Tópico



  1. #1
    bouncer
    Visitante

    Padrão vpn duvida

    Estou montado uma vpn..parte do kernel..ja esta ok..de freeswan esta ok
    ja fiz..isso..aqui

    rm /etc/ipsec.secrets
    ipsec newhostkey --output /etc/ipsec.secrets --hostname `hostname --fqdn` 2048

    blz...

    so quando vou editar o vi /etc/ipsec.secrets
    ela gerou uma chave
    tenho que por ela inteira no meu arquivo /etc/ipsec.secrets

    #pubkey=0sAQNjGD5T1vsGj88hvtMCRNtqX+WaGskcuuA9x6NwO62OwZoaHLktduLMwm4REW0n43/j2U95CIL9yA3C7cqy+tMu/tGfsMUq0w7cI7D2LHEe
    25u0ftkNXqxNfkKl+Uwy0H4DQZ6SXTMGbOMiTXFc6ll6JMYIdr2cxtxVj/Vofsz2tpPqXSTO5dmu3c7X7mImgSxF3vONQgRuWrp4psg/HO6BloFLUjLb8YVd1pGK8e
    FMj1SP5yluEtjgWSxOcC32QWZ9s+aQ1XuMLYBPIf78SHcPXd3jjWvHkowdutZJ6IFhfJh+aR5zaguNtNJRb6IRmDGD3hLvIh3BsBAU+YFCD/NTZ6SYpSdFQM0OK8eM
    /crU7Z495

    vi /etc/ipsec.conf
    fica assim ...
    leftrsasigkey=0sAQNjGD5T1vsGj88hvtMCRNtqX+WaGskcuuA9x6NwO62OwZoaHLktduLMwm4REW0n43/j2U95CIL9yA3C7cqy+tMu/tGfsMUq0w7cI7D2LHEe
    25u0ftkNXqxNfkKl+Uwy0H4DQZ6SXTMGbOMiTXFc6ll6JMYIdr2cxtxVj/Vofsz2tpPqXSTO5dmu3c7X7mImgSxF3vONQgRuWrp4psg/HO6BloFLUjLb8YVd1pGK8e
    FMj1SP5yluEtjgWSxOcC32QWZ9s+aQ1XuMLYBPIf78SHcPXd3jjWvHkowdutZJ6IFhfJh+aR5zaguNtNJRb6IRmDGD3hLvIh3BsBAU+YFCD/NTZ6SYpSdFQM0OK8eM
    /crU7Z495

    que pode tirar essa duvida..agradeco...


    # sample VPN connection conn sample matriz-filial
    type=tunnel
    # Left security gateway, subnet behind it, next hop toward right.
    type=tunnel
    left=200.233.150.90
    leftsubnet=192.168.0.0/24
    leftnexthop=200.233.150.1
    leftrsasigkey=0sAQNjGD5T1vsGj88hvtMCRNtqX+WaGskcuuA9x6NwO62OwZoaHLktduLMwm4REW0n43/j2U95CIL9yA3C7cqy+tMu/tGfsMUq0w7cI7D2LHEe
    25u0ftkNXqxNfkKl+Uwy0H4DQZ6SXTMGbOMiTXFc6ll6JMYIdr2cxtxVj/Vofsz2tpPqXSTO5dmu3c7X7mImgSxF3vONQgRuWrp4psg/HO6BloFLUjLb8YVd1pGK8e
    FMj1SP5yluEtjgWSxOcC32QWZ9s+aQ1XuMLYBPIf78SHcPXd3jjWvHkowdutZJ6IFhfJh+aR5zaguNtNJRb6IRmDGD3hLvIh3BsBAU+YFCD/NTZ6SYpSdFQM0OK8eM
    /crU7Z495
    # Right security gateway, subnet behind it, next hop toward left.
    right=200.150.229.10
    rightsubnet=10.0.0.0/24
    rightnexthop=200.233.150.1
    rightrsasigkey= Esse to gerando..chave
    # To authorize this connection, but not actually start it, at startup,
    # uncomment this.
    auto=start

  2. #2

    Padrão vpn duvida

    vc tem q usar a mesma chave em ambos os lados

    []'s



  3. #3
    bouncer
    Visitante

    Padrão blz..entao

    do jeito que esta ai..esta certo..entao .....por que chava ser muito grande...