Creating a manual tunnel on the second host

To create the matching end of the tunnel, copy the export files to the remote machine and import them there.

Use the following command to create the matching end of the tunnel:

 imptun -v 4 -t 1 -f /tmp

where

1
    Is the tunnel to be imported (the value given to the -t option)
/tmp
    Is the directory where the import files reside (the value given to the -f option)

The tunnel number is generated by the system. You can obtain it from the output of the gentun command or by using the lstun command to list the tunnels and determine the correct tunnel number to import. If there is only one tunnel in the import file, or if all the tunnels are to be imported, the -t option is not needed.

If the remote machine is not running this operating system, the export file can be used as a reference for setting up the algorithm, keys, and security parameters index (SPI) values for the other end of the tunnel.

Export files from a firewall product can be imported to create tunnels. To do this, use the -n option when importing the file, as follows:

 imptun -v 4 -f /tmp -n
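
The export files carry the tunnel's keys, so it is worth checking how they are staged before importing them. The following is an added example, not part of the original documentation: a pre-flight check that refuses to build the imptun command line if any staged import file is readable or writable by group or other. It assumes the files were copied into a dedicated staging directory; the function names are hypothetical, and the command is printed rather than run.

```shell
#!/bin/sh
# Added example: pre-flight check before importing tunnel definitions.
# Assumption: the import files sit in a dedicated staging directory,
# so every regular file found there is treated as an import file.

# Print any staged file that group or other can read or write.
exposed_files() {
    find "$1" -type f \
        \( -perm -040 -o -perm -020 -o -perm -004 -o -perm -002 \) -print
}

# Print the imptun command line for the given inputs without running it.
#   $1 = directory holding the import files
#   $2 = tunnel number, or "" to import every tunnel in the file
#   $3 = "firewall" when the export files came from a firewall product
imptun_command() {
    dir=$1
    tid=$2
    origin=$3
    if [ ! -d "$dir" ]; then
        echo "no such directory: $dir" >&2
        return 2
    fi
    if [ -n "$(exposed_files "$dir")" ]; then
        echo "refusing: import files are accessible to group or other" >&2
        return 3
    fi
    cmd="imptun -v 4"
    if [ -n "$tid" ]; then
        case $tid in
            *[!0-9]*)
                echo "tunnel number must be numeric: $tid" >&2
                return 4 ;;
        esac
        cmd="$cmd -t $tid"      # omit -t to import all tunnels
    fi
    cmd="$cmd -f $dir"
    if [ "$origin" = "firewall" ]; then
        cmd="$cmd -n"           # export files came from a firewall product
    fi
    echo "$cmd"
}
```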