FreeS/WAN pre-shared keys

Deven Phillips, CISSP dphillips at viata.com
Sat May 5 12:40:12 PDT 2001


Jimen,

	You need to pre-share the public keys. This is done by taking the
public keys and placing them into your connection settings like so:

conn jching-adtech
        left=%defaultroute
        leftsubnet=192.168.1.0/24
        leftfirewall=yes
        leftrsasigkey=<Your left side public key>
        right=a.b.c.d
        rightsubnet=10.12.0.0/16
        rightfirewall=yes
        rightrsasigkey=<Your right side public key>
        auto=start
        keyingtries=3
        # authenticate with the RSA keys above (authby=secret selects a shared secret instead)
        authby=rsasig
 

	This is to ensure that the connection is not being spoofed. If you use
Internet-negotiated keys, there is always the chance that someone could
send you false keys, and then eavesdrop on your session.

Deven Phillips, CISSP
Network Architect
Viata Online, Inc.
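
An added example, not part of the original message or of FreeS/WAN: a small audit of ipsec.conf text that reports conn sections whose RSA keys are not pinned as literal values or are not actually used for authentication. It assumes that a blank line ends a conn section and that a value beginning with % (such as %dns) means the key is looked up rather than given in the file; the sample text and key values are constructed placeholders.

```python
import re

# Constructed ipsec.conf text for the demo; key values are placeholders.
SAMPLE = """\
conn pinned
    leftrsasigkey=0sPLACEHOLDER-LEFT
    rightrsasigkey=0sPLACEHOLDER-RIGHT
    authby=rsasig

conn dns-fetched
    leftrsasigkey=0sPLACEHOLDER-LEFT
    rightrsasigkey=%dns
    authby=rsasig

conn keys-unused
    leftrsasigkey=0sPLACEHOLDER-LEFT
    rightrsasigkey=0sPLACEHOLDER-RIGHT
    authby=secret
"""

def parse_conns(text):
    """Return {conn: {parameter: value}}; a blank line ends a section."""
    conns, current = {}, None
    for raw in text.splitlines():
        if raw.lstrip().startswith("#"):
            continue  # comment-only line: skipped
        line = re.sub(r"\s+#.*$", "", raw).rstrip()
        header = re.match(r"conn\s+(\S+)", line)
        if header:
            current = conns.setdefault(header.group(1), {})
        elif not line:
            current = None
        elif current is not None and raw[0].isspace() and "=" in line:
            name, value = line.split("=", 1)
            current[name.strip()] = value.strip()
    return conns

def audit(text):
    """Return {conn: [findings]} for conns whose RSA keys are not pinned and in use."""
    report = {}
    for conn, p in parse_conns(text).items():
        keys = {s: p.get(s) for s in ("leftrsasigkey", "rightrsasigkey")}
        issues = [f"{s}={v} is not a literal key" for s, v in keys.items() if v and v.startswith("%")]
        if p.get("authby") == "rsasig":
            issues += [f"{s} missing" for s, v in keys.items() if v is None]
        elif p.get("authby") == "secret" and any(keys.values()):
            issues.append("authby=secret: rsasigkey values are not used")
        if issues:
            report[conn] = issues
    return report
```

Calling audit() on the contents of an ipsec.conf returns an empty dict when every conn that sets authby carries both keys as literals and uses authby=rsasig.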


