Issue #513

Updated by Tobias Brunner about 5 years ago

I am trying to set up a fully meshed tunnel between 3 Nodes.
Here is how I am setting up the connection in each Node:

/etc/ipsec.conf at NODE_1

<pre>
conn NODE_1
    leftsendcert=always
    keyexchange=ikev2
    left=%any
    leftauth=pubkey
    leftcert=/flash/node-1-cert.pem
    right=%any    # <<<<<<<<<<<<<<<<<<<<<<<<<<
    auto=route
    rightid=%any
    rightauth=pubkey
    ikelifetime=60m
    keylife=1440m
    rekeymargin=3m
    keyingtries=1
    compress=no
    esp=aes256-sha1-modp2048!
    ike=aes256-sha1-modp2048!
    installpolicy=yes
    type=transport
    leftikeport=4500
    rightikeport=4500
    leftprotoport=1
    rightprotoport=1
</pre>



My Topology for 3 Nodes:
========================

<pre>
 Node_1 --------------------- Node_2
(1.1.1.1)         |          (1.1.1.2)
                  |
                Node_3
               (1.1.1.3)
</pre>






When I ping from Node_1 to Node_2 or Node_3 (ping 1.1.1.2 or 1.1.1.3),
it does not trigger IKE. It goes clear-text?

Can I get some help on this?

Thanks..Sisir
IBM, California, US
