From mboxrd@z Thu Jan 1 00:00:00 1970 From: Yuval Lifshitz Date: Sun, 08 May 2005 09:01:45 +0000 Subject: RE: [LARTC] Help plead, Cisco to Linux ipsec syntax Message-Id: MIME-Version: 1 Content-Type: multipart/mixed; boundary="----=_Part_1354_23117484.1115542905719" List-Id: References: <20050505123640.GA27240@legolas.on.net.mk> In-Reply-To: <20050505123640.GA27240@legolas.on.net.mk> To: lartc@vger.kernel.org ------=_Part_1354_23117484.1115542905719 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline I did that once for Transport mode with pre shared keys. Attached there is a short how-to with some explanations. Please let me know if you find errors. Yuval. > I have the task to make an IPsec tunnel between a Cisco router and a Linu= x router. The people that have set the Cisco router have sent me this (Cisco) > config file, but that doesn't help me a lot since I don't understand=20 > nor ipsec nor Cisco syntax that well. > > So, can anyone help me to make the ipsec configuration? > Second, what's better to use ipsec-tools or isakmpd on Linux-2.6.10. > > Is the configuration under "Tunnel mode" on http://www.ipsec-howto.org/x282.html the only thing needed to make it work? > > Any help is appreciated. > > > -- > damjan | P4P0P This is my jabber ID --> damjan@bagra.net.mk <-- not my mail address!!! ------=_Part_1354_23117484.1115542905719 Content-Type: text/plain; name="ipsec_cisco_howto.txt" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="ipsec_cisco_howto.txt" RmVkb3JhIENvcmUgMiBhbmQgQ2lzY28gNzIwMCBTZXJpZXMgUm91dGVyIElQU2VjIENvbmZpZ3Vy YXRpb24gSE9XVE8NCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09DQoNCnlsaWZzaGl0ekBjYWJsZW1hdHJpeC5jb20NCg0K Tm90ZXMNCiogVGhlcmUgaXMgYSBMaW51eCBtYWNoaW5lIHdpdGgga2VybmVsIDIuNiBhbmQgdXAg YW5kIElQIGFkZHJlc3MgMTAuMTAuMC42MSAuDQoqIFRoZXJlIGlzIGEgQ2lzY28gNzIwMCBzZXJp ZXMgcm91dGVyIHdpdGggSVAgYWRkcmVzcyAxMC4xMC4wLjE1IC4NCiogVGhlIHR3byBhcmUgY29u bmVjdGVkIHZpYSBMQU4sIHRoZSByb3V0ZXJzIGludGVyZmFjZSBpcyBGYXN0IEV0aGVybmV0IDAv MCAuDQoqIE9ubHkgSVAgYWRkcmVzc2VzIGFuZCA8bmFtZXM+IGFyZSBmcmVlIHRleHQsIG90aGVy IHdvcmRzIGFyZSByZXNlcnZlZC4NCiogVGhlIHNlbGVjdGlvbiBvZiBwcm90b2NvbHMgYW5kIGFs Z29yaXRobXMgKGF1dGhlbnRpY2F0aW9uIGVuY3J5cHRpb24gYW5kIGhhc2ggZnVuY3Rpb25zKSBp cyBxdWl0ZSBhcmJpdHJhcnkuIEl0IGNhbiBiZSBjaGFuZ2VkLCBidXQgbm90ZSB5b3UgY2hhbmdl IGl0IHRoZSBzYW1lIHdheSBpbiBib3RoIGVuZHMuDQoqIEluIGFsbCBjb25maWd1cmF0aW9uIGZp bGVzICMgc3RhcnRzIGEgY29tbWVudC4NCiogVXNlOiAic2hvd4UiIGNvbW1hbmQgaW4gdGhlIHJv dXRlciBhbmQgInNldGtleSAtRIUiIHRvIHNlZSB3aGF0IGhhcHBlbmVkIHdpdGggeW91IGNvbmZp Z3VyYXRpb24uDQoqIFNpbmNlIHRoZSBzZWN1cml0eSBpcyBJUCBsZXZlbCwgcGluZ2luZyBzZWVt cyBsaWtlIGEgc3VmZmljaWVudCB0ZXN0IGZvciB0aGUgY29uZmlndXJhdGlvbi4NCiogVGhpcyBp cyBpbiBhIHBlYW51dHNoZWxsLCBwbGVhc2UgbG9vayBhdCB0aGUgbGlua3MuDQoNCg0KRmVkb3Jh IENvcmUgMiBTaWRlDQo9PT09PT09PT09PT09PT09PT0NCg0KQ3JlYXRlIGlwc2VjLmNvbmYgZmls ZS4gTm8gc2VjdXJpdHkgYXNzb2NpYXRpb25zIHNob3VsZCBiZSBkZWZpbmVkIGluIHRoYXQgZmls ZSwgdGhleSBhcmUgY3JlYXRlZCBhdXRvbWF0aWNhbGx5IGJ5IHRoZSAicmFjY29vbiIuDQoNCiMh L3Vzci9zYmluL3NldGtleSAtZg0KDQojIENvbmZpZ3VyYXRpb24gZm9yIDEwLjEwLjAuNjENCg0K IyBGbHVzaCB0aGUgU0FEIGFuZCBTUEQNCmZsdXNoOw0Kc3BkZmx1c2g7DQoNCiMgU2VjdXJpdHkg cG9saWNpZXMNCnNwZGFkZCAxMC4xMC4wLjE1IDEwLjEwLjAuNjEgYW55IC1QIGluIGlwc2VjDQpl c3AvdHJhbnNwb3J0Ly9yZXF1aXJlDQphaC90cmFuc3BvcnQvL3JlcXVpcmU7DQpzcGRhZGQgMTAu MTAuMC42MSAxMC4xMC4wLjE1IGFueSAtUCBvdXQgaXBzZWMNCmVzcC90cmFuc3BvcnQvL3JlcXVp cmUNCmFoL3RyYW5zcG9ydC8vcmVxdWlyZTsNCg0KQWRkIHRoZSBwb2xpY2llcyB0byB0aGUgbWFj aGluZToNCg0KW3Jvb3RAZmVkb3JhXSNzZXRrZXkgLWYgaXBzZWMuY29uZg0KDQpDcmVhdGUgcHNr LnR4dCAocHJlLXNoYXJlZCBrZXkpIGZpbGU6DQoNCiMgZmlsZSBmb3IgcHJlLXNoYXJlZCBrZXlz IHVzZWQgZm9yIElLRSBhdXRoZW50aWNhdGlvbg0KIyBmb3JtYXQgaXM6ICAnaWRlbnRpZmllcicg J2tleScNCg0KMTAuMTAuMC4xNSAgIDxzaGFyZWRfc2VjcmV0Pg0KDQpDcmVhdGUgcmFjb29uIGNv bmZpZ3VyYXRpb24gZmlsZSBmb3IgSUtFIHdpdGggYSBzcGVjaWZpYyByZW1vdGUgaG9zdCwgMTAu MTAuMC4xNS5jb25mIDoNCg0KcmVtb3RlIDEwLjEwLjAuMTUNCnsNCiAgICAgICAgZXhjaGFuZ2Vf bW9kZSBtYWluOw0KICAgICAgICBteV9pZGVudGlmaWVyIGFkZHJlc3M7DQogICAgICAgIHByb3Bv c2FsIHsNCiAgICAgICAgICAgICAgICBlbmNyeXB0aW9uX2FsZ29yaXRobSBkZXM7DQogICAgICAg ICAgICAgICAgaGFzaF9hbGdvcml0aG0gbWQ1Ow0KICAgICAgICAgICAgICAgIGF1dGhlbnRpY2F0 aW9uX21ldGhvZCBwcmVfc2hhcmVkX2tleTsNCiAgICAgICAgICAgICAgICBkaF9ncm91cCAyOw0K ICAgICAgICB9DQp9DQoNCkNyZWF0ZSByYWNvb24uY29uZiBmaWxlLiBUaGlzIGZpbGUgaW5jbHVk ZXMgdGhlIHJlbW90ZSBmaWxlLg0KDQojIFJhY29vbiBJS0UgZGFlbW9uIGNvbmZpZ3VyYXRpb24g ZmlsZS4NCiMgU2VlICdtYW4gcmFjb29uLmNvbmYnIGZvciBhIGRlc2NyaXB0aW9uIG9mIHRoZSBm b3JtYXQgYW5kIGVudHJpZXMuDQoNCnBhdGggaW5jbHVkZSAiL2V0Yy9yYWNvb24iOw0KcGF0aCBw cmVfc2hhcmVkX2tleSAiL2V0Yy9yYWNvb24vcHNrLnR4dCI7DQoNCnNhaW5mbyBhZGRyZXNzIDEw LjEwLjAuNjEgYW55IGFkZHJlc3MgMTAuMTAuMC4xNSBhbnkNCnsNCiAgICAgICAgcGZzX2dyb3Vw IDI7DQogICAgICAgIGxpZmV0aW1lIHRpbWUgMTAwMDAgc2Vjb25kczsNCiAgICAgICAgZW5jcnlw dGlvbl9hbGdvcml0aG0gZGVzOw0KICAgICAgICBhdXRoZW50aWNhdGlvbl9hbGdvcml0aG0gaG1h Y19tZDU7DQogICAgICAgIGNvbXByZXNzaW9uX2FsZ29yaXRobSBkZWZsYXRlOw0KfQ0KDQppbmNs dWRlICIxMC4xMC4wLjE1LmNvbmYiOw0KDQpTdGFydCByYWNvb24gaW4gZm9yZWdyb3VuZCBtb2Rl ICgtRikgZm9yIGRlYnVnZ2luZyBpbiB0aGUgZGlyZWN0b3J5IHdoZXJlIHRoZSByYWNvb24uY29u ZiBmaWxlIGlzIGRlZmluZWQuDQoNCltyb290QGZlZG9yYV0jcmFjb29uIC1GDQoNCg0KQ2lzY28g NzIwMCBTZXJpZXMgUm91dGVyIFNpZGUNCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQoN CkVudGVyIGNvbmZpZ3VyYXRpb24gbW9kZToNCg0Kcm91dGVyPmVuYWJsZQ0KUGFzc3dvcmQ6DQpy b3V0ZXIjY29uZmlndXJlIHRlcm1pbmFsDQpFbnRlciBjb25maWd1cmF0aW9uIGNvbW1hbmRzLCBv bmUgcGVyIGxpbmUuICBFbmQgd2l0aCBDTlRML1ouDQoNCkNvbmZpZ3VyZSBhIHNlY3VyaXR5IGFj Y2VzcyBsaXN0LiBOb3RlIHRoYXQgInBlcm1pdCIgaGVyZSBtZWFuIHRoYXQgZW5jcnlwdGlvbiBp cyBwZXJtaXR0ZWQsICJkZW55IiBtZWFucyBlbmNyeXB0aW9uIGlzIG5vdCBwZXJtaXR0ZWQuDQoN CnJvdXRlcihjb25maWcpI2lwIGFjY2Vzcy1saXN0IGV4dGVuZGVkIDxsaXN0X25hbWU+DQpyb3V0 ZXIoY29uZmlnLWV4dC1uYWNsKSNwZXJtaXQgaXAgaG9zdCAxMC4xMC4wLjE1IGhvc3QgMTAuMTAu MC42MQ0Kcm91dGVyKGNvbmZpZy1leHQtbmFjbCkjZXhpdA0KDQpBIHRyYW5zZm9ybSBzZXQgaXMg YSBjb21iaW5hdGlvbiBvZiBzZWN1cml0eSBwcm90b2NvbHMgYW5kIGFsZ29yaXRobXMuIFRoaXMg aXMgd2hhdCB0aGUgc2lkZXMgbmVnb3RpYXRlIGR1cmluZyBrZXkgZXhjaGFuZ2UuDQoNCnJvdXRl cihjb25maWcpI2NyeXB0byBpcHNlYyB0cmFuc2Zvcm0tc2V0IDxzZXRfbmFtZT4gYWgtbWQ1LWht YWMgZXNwLWRlcyBlc3AtbWQ1LWhtYWMNCnJvdXRlcihjZmctY3J5cHRvLXRyYW5zKSNtb2RlIHRy YW5zcG9ydA0Kcm91dGVyKGNmZy1jcnlwdG8tdHJhbnMpI2V4aXQNCg0KQSBjcnlwdG8gbWFwIGlz IHRoZSBhc3NvY2lhdGlvbiBiZXR3ZWVuIHRoZSBzZWN1cml0eSBhbGdvcml0aG0gYW5kIGFjY2Vz cyBsaXN0LiBUaGUgbnVtYmVyICcxJyBpcyBqdXN0IGEgc2VxdWVudGlhbCBpbmRleC4NCg0Kcm91 dGVyKGNvbmZpZykjY3J5cHRvIG1hcCA8bWFwX25hbWU+IDEgaXBzZWMtaXNha21wDQolIE5PVEU6 IFRoaXMgbmV3IGNyeXB0byBtYXAgd2lsbCByZW1haW4gZGlzYWJsZWQgdW50aWwgYSBwZWVyDQog ICAgICAgIGFuZCBhIHZhbGlkIGFjY2VzcyBsaXN0IGhhdmUgYmVlbiBjb25maWd1cmVkLg0Kcm91 dGVyKGNvbmZpZy1jcnlwdG8tbWFwKSNzZXQgdHJhbnNmb3JtLXNldCA8c2V0X25hbWU+DQpyb3V0 ZXIoY29uZmlnLWNyeXB0by1tYXApI3NldCBwZnMgZ3JvdXAyDQpyb3V0ZXIoY29uZmlnLWNyeXB0 by1tYXApI3NldCBwZWVyIDEwLjEwLjAuNjENCnJvdXRlcihjb25maWctY3J5cHRvLW1hcCkjbWF0 Y2ggYWRkcmVzcyA8bGlzdF9uYW1lPg0Kcm91dGVyKGNvbmZpZy1jcnlwdG8tbWFwKSNleGl0DQoN CkFzc2lnbiB0aGUgY3J5cHRvIG1hdCB0byB0aGUgaW50ZXJmYWNlLg0KDQpyb3V0ZXIoY29uZmln KSNpbnRlcmZhY2UgRmFzdEV0aGVybmV0IDAvMA0Kcm91dGVyKGNvbmZpZy1pZikjY3J5cHRvIG1h cCA8bWFwX25hbWU+DQpyb3V0ZXIoY29uZmlnLWlmKSNleGl0DQoNCkRlZmluZSB0aGUgcHJlLXNo YXJlZCBrZXkuDQoNCnJvdXRlcihjb25maWcpI2NyeXB0byBpc2FrbXAga2V5IDxzaGFyZWRfc2Vj cmV0PiBhZGRyZXNzIDEwLjEwLjAuNjENCg0KRGVmaW5lIHRoZSBwZWVyIGNvbXB1dGVyLg0KDQpy b3V0ZXIoY29uZmlnKSNjcnlwdG8gaXNha21wIHBlZXIgYWRkcmVzcyAxMC4xMC4wLjYxDQpyb3V0 ZXIoY29uZmlnLWlzYWttcC1wZWVyKSNleGl0DQoNCkRlZmluZSBwb2xpY3kgd2l0aCBwcmlvcml0 eS4NCg0Kcm91dGVyKGNvbmZpZykjY3J5cHRvIGlzYWttcCBwb2xpY3kgMjANCnJvdXRlcihjb25m aWctaXNha21wKSNhdXRoZW50aWNhdGlvbiBwcmUtc2hhcmUNCnJvdXRlcihjb25maWctaXNha21w KSNlbmNyeXB0aW9uIGRlcw0Kcm91dGVyKGNvbmZpZy1pc2FrbXApI2hhc2ggbWQ1DQpyb3V0ZXIo Y29uZmlnLWlzYWttcCkjZ3JvdXAgMg0Kcm91dGVyKGNvbmZpZy1pc2FrbXApI2V4aXQNCg0KTGlu a3MNCj09PT09DQoNCmh0dHA6Ly93d3cuaXBzZWMtaG93dG8ub3JnLw0KaHR0cDovL2xhcnRjLm9y Zy9ob3d0by9pbmRleC5odG1sIC0gbG9vayBhdCBjaGFwdGVyIDcuDQpodHRwOi8vd3d3LmNpc2Nv LmNvbS9lbi9VUy9wcm9kdWN0cy9zdy9pb3Nzd3JlbC9wczE4MzUvcHJvZHVjdHNfY29uZmlndXJh dGlvbl9ndWlkZV9ib29rMDkxODZhMDA4MDBjYTVhZC5odG1sIC0gQ2lzY28gY29uZmlndXJhdGlv biBndWlkZS4NCg== ------=_Part_1354_23117484.1115542905719 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ------=_Part_1354_23117484.1115542905719--