3,250
edits
Changes
Jump to navigation
Jump to search
Line 10:
Line 10: − + + + + + + Line 22:
Line 27: − {{ #smeversion: smeserver-openswan}}+ Line 48:
Line 53: − + + + + + + + + + + + Line 66:
Line 81: − + Line 241:
Line 256: − + − +
no edit summary
An alternative solution is https://wiki.contribs.org/OpenVPN_SiteToSite or https://wiki.contribs.org/OpenVPN_Bridge
An alternative solution is https://wiki.contribs.org/OpenVPN_SiteToSite or https://wiki.contribs.org/OpenVPN_Bridge
Where possible avoid the use of PPTP as it was cracked a long time ago and is very easy to read }}
Where possible avoid the use of PPTP as it was cracked a long time ago and is very easy to read
With IKE v2 it is possible to allow dial in clients.
For older dial clients you can also look at https://wiki.contribs.org/Smeserver-libreswan-xl2tpd
}}
=== Version ===
=== Version ===
<div>Please use the version of openswan in the ReetP repo as below</div>
<div>Please use the version of openswan in the ReetP repo as below</div>
</div>
</div>
====Koozali SME v9====
====Koozali SME v9====
==Installation==
==Installation==
= '''For Koozali SME8''' =
= For Koozali SME10 =
For Koozali SME Server 10, the latest stable Libreswan can be found in the default repo's
Note that the contrib is currently in test so to install:
yum install smeserver-extrarepositories-libreswan -y
db yum_repositories setprop libreswan status enabled Priority 10
signal-event yum-modify
yum --enablerepo=smecontribs,smetest install smeserver-libreswan
Configuration options and notes are here (check the latest branch):
=For Koozali SME8=
For Koozali SME Server 8 you will need the [https://wiki.contribs.org/User:ReetP ReetP] repo to install openswan
For Koozali SME Server 8 you will need the [https://wiki.contribs.org/User:ReetP ReetP] repo to install openswan
{{:Reetspetit|transcludesection=SME9}}
{{:Reetspetit|transcludesection=SME9}}
RedHat have swapped to using Libreswan as their default IPsec implementation.
RedHat have swapped to using Libreswan as their default IPsec implementation.
= '''For Koozali SME9''' =
= For Koozali SME9 =
For Koozali SME Server 9, the latest stable Libreswan can be found in the default repo's
For Koozali SME Server 9, the latest stable Libreswan can be found in the default repo's
rightrsasig: Default Empty | Your Remote rsasignature key
rightrsasig: Default Empty | Your Remote rsasignature key
ipsecversion: Default permit | Whether to allow ikev2 - also : insist/propose/yes/never/no
ipsecversion: Default permit | Whether to allow ikev2 - also : insist/propose/yes/never/no
ike: Default aes-sha1 | Varable
ike: Default aes-sha1 | Variable - sample: aes256-sha2;dh14 or aes256-sha2;modp2048
phase2: Default aes-sha1 | Variable
phase2: Default aes-sha1 | Variable - sample: aes256-sha2;dh14 or aes256-sha2;modp2048
mtu: Default Empty | Variable
mtu: Default Empty | Variable
left: Default Empty | If Empty then %defaultroute is set. Can be local WAN IP
left: Default Empty | If Empty then %defaultroute is set. Can be local WAN IP