NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] VPN -1 Client in Linux



We got it to work using these settings in ipsec.conf :

Of course , set-up your subnets and other info


# basic configuration
config setup
        # THIS SETTING MUST BE CORRECT or almost nothing will work;
        # %defaultroute is okay for most simple cases.
        interfaces=%defaultroute
        # Debug-logging controls:  "none" for (almost) none, "all" for lots.
        klipsdebug=none
        plutodebug=none
        # Use auto= parameters in conn descriptions to control startup
actions.
        plutoload=%search
        plutostart=%search
        # Close down old connection when new one using same ID shows up.
        uniqueids=yes

# X VPN connection
conn "connection name"
        # Left security gateway, subnet behind it, next hop toward right.
        left=
        leftsubnet=
        leftnexthop=
        # Right security gateway, subnet behind it, next hop toward left.
        right=
        rightsubnet=
        rightnexthop=
        # Start this connection on IPSec Startup
        auto=start
        # Perfect Forward Secrecy (
        pfs=no
        # Encrypt sessions
        auth=esp
        # IKE key exchange (only option)
        keyexchange=ike
        # Encryption type for sessions (3des-sha1-96)
        esp=3des-md5-96
        # encryption/authentication keys (ESP SA)
        keylife=55m
        # ISAKMP SA
        ikelifetime=90m
        # attempts to negotiate a connection (0=never give up)
        keyingtries=0
        # how long before connection expiry should attempts to negotiate a
replacement key begin
        rekeymargin=9m

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of
Michael S. Hobbs
Sent: Friday, November 30, 2001 12:52 PM
To: [email protected]
Subject: [FW-1] VPN -1 Client in Linux


Has anyone had any experience or know of some online resources to help
me set up a VPN connection to my FW-1 in Linux? I tried the Free S/WAN
approach as detailed in a PDF I found on Checkpoint's web site. Is this
the best approach? If so, has anyone gotten this to work properly.

Thanks,

Michael S. Hobbs
Unicon, Inc.
PhoneCellFax===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.