Host-to host config:
configure ifcfg-ipsec[number] on both machine
DST=X.X.X.X
TYPE=IPSEC
ONBOOT=yes
IKE_METHOD=PSK
Configure keys-ipsec[number]
IKE_PSK=secretkey
use setkey -f [filename] to set policy
use ifup ipsec[number] to start encryption.
use command tcpdump -n -i host [IPaddress of other machine] to find out whether encryption is taking place or not.
No comments:
Post a Comment