Thursday, February 12, 2009

Host-Host IPSec Fedora 10 & XP (PSK)

Setup Fedora using system-config-network
What is needed:
- Make sure the system is up to date.
- Just follow the wizard. Be sure to let racoon handle the security associations.

Setup XP using secpol.msc
What is needed:
- Outbound filter for the XP machine out to the Fedora box. Uncheck the Mirrored option.
- Outbound security rule for XP out to the Fedora box, using the outbound filter.
- Inbound filter for the Fedora box into the XP box. Uncheck the Mirrored option.
- Inbound security rule for the Fedora box into the XP box, using the inbound filter.
- Filter action with AH set to SHA1, ESP Integrity set to SHA1, and Encryption set to 3DES. Use this filter action for both rules, inbound and outbound. *** Important ***

Notes:
Fedora doesn't allow configuring AH only or ESP only. The XP IPsec configuration must take this into account: both the AH and the ESP algorithms must be configured.
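
One way to confirm on the Fedora side that both AH and ESP are actually enforced toward the XP host, as an added example that is not part of the original post. It assumes the policy dump layout printed by `setkey -DP` from ipsec-tools; the addresses, the sample dump and the function names `sample_spd` and `check_spd` are constructed for illustration.

```shell
# Added example: verify that the kernel SPD requires BOTH AH and ESP in
# transport mode to and from one peer.
# Constructed sample in the layout printed by `setkey -DP` (ipsec-tools).
# 192.0.2.10 = Fedora box, 192.0.2.20 = XP box; both are placeholder addresses.
sample_spd() {
cat <<'EOF'
192.0.2.20[any] 192.0.2.10[any] any
        in prio def ipsec
        esp/transport//require
        ah/transport//require
        created: Feb 12 10:00:00 2009  lastused:
        spid=8 seq=1 pid=2000
192.0.2.10[any] 192.0.2.20[any] any
        out prio def ipsec
        esp/transport//require
        ah/transport//require
        created: Feb 12 10:00:00 2009  lastused:
        spid=1 seq=0 pid=2000
EOF
}

# check_spd LOCAL PEER: reads an SPD dump on stdin; exit status 0 only if
# ah and esp are both required in transport mode, inbound and outbound.
check_spd() {
  awk -v l="$1" -v p="$2" '
    index($1, "[") {                       # header: src[port] dst[port] proto
      src = $1; sub(/\[.*/, "", src)
      dst = $2; sub(/\[.*/, "", dst)
      dir = ""; next
    }
    $1 == "in" || $1 == "out" { dir = $1; next }
    {
      n = split($1, t, "/")                # e.g. esp/transport//require
      if (n != 4 || t[2] != "transport" || t[4] != "require") next
      if (dir == "out" && src == l && dst == p) seen["out:" t[1]] = 1
      if (dir == "in"  && src == p && dst == l) seen["in:" t[1]] = 1
    }
    END {
      m = split("in:ah in:esp out:ah out:esp", want, " ")
      for (i = 1; i <= m; i++) if (!(want[i] in seen)) miss = miss " " want[i]
      if (miss != "") { print "missing required policy:" miss; exit 1 }
      print "ok: ah and esp required in both directions"
    }'
}

sample_spd | check_spd 192.0.2.10 192.0.2.20
```

On the Fedora host, replace the sample with the live dump: `setkey -DP | check_spd <fedora-ip> <xp-ip>`, run as root.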

References:

Configuring IPsec on your XP Professional laptop
Cannot use IPsec tools with ESP or AH only
