thr3ads.net - CentOS - [CentOS] IPSec multiple VPN setups [Mar 2016]

If this information is useful, please help other people find it:
Share via:

Mike - st257

2016-Mar-21 17:17 UTC

[CentOS] IPSec multiple VPN setups

I second Eero's comment, use a new IPSec daemon.

Openswan was forked and became Libreswan. Paul, now a RH employee, was a
main developer for the Openswan project before he and others created the
Libreswan fork.
https://libreswan.org/

EL6 has Openswan
EL7 has Libreswan

Racoon isn't all that fun to work with.
If you have the option, ditch it and EL5 and move to a newer platform
(preferably EL7 with Libreswan).


On Mon, Mar 21, 2016 at 1:08 PM, Eero Volotinen <eero.volotinen at iki.fi>
wrote:
> Yes you can. Please use newer version of centos and strong/openswan.
>
> Eero
> 21.3.2016 7.05 ip. "Glenn Pierce" <glennpierce at
gmail.com> kirjoitti:
>
> > Hi I hope someone can answer something I'm sure is quite basic.
> >
> > I am following the instructions at
> > https://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-vpn.html
> > On setting up a VPN
> >
> > The part I am having trouble with is when it show the
> > /etc/racoon/racoon.conf file.
> > But it doesn't say whay you have to do with this file.
> >
> > When I bring up my connection
> >
> > ifup bicester
> >
> > I get
> > RTNETLINK answers: No such device
> >
> > looking at /var/messages I see
> >
> > ERROR: failed to bind to address 127.0.0.1[500] (Address already in
use).
> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address *.*.*.*[500]
> > (Address already in use).
> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address *.*.*.*[500]
> > (Address already in use).
> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address *.*.*.*[500]
> > (Address already in use).
> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address ::1[500]
> > (Address already in use).
> > Mar 21 17:01:05  racoon: INFO: fe80::bcef:4fff:fe66:82ec%eth0[500]
> > used as isakmp port (fd=25)
> >
> > There was an existing setup done long ago.
> >
> > How can I setup more than one vpn connection (manually as this is a
> > headless server)
> > or is that not possible ?
> >
> > Thanks for any pointers
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> >
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
---~~.~~---
Mike
//  SilverTip257  //

Eero Volotinen

2016-Mar-21 17:20 UTC

head link

[CentOS] IPSec multiple VPN setups

And centos 5 is really soon end of life.

Eero
21.3.2016 7.18 ip. "Mike - st257" <silvertip257 at gmail.com>
kirjoitti:
> I second Eero's comment, use a new IPSec daemon.
>
> Openswan was forked and became Libreswan. Paul, now a RH employee, was a
> main developer for the Openswan project before he and others created the
> Libreswan fork.
> https://libreswan.org/
>
> EL6 has Openswan
> EL7 has Libreswan
>
> Racoon isn't all that fun to work with.
> If you have the option, ditch it and EL5 and move to a newer platform
> (preferably EL7 with Libreswan).
>
>
> On Mon, Mar 21, 2016 at 1:08 PM, Eero Volotinen <eero.volotinen at
iki.fi>
> wrote:
>
> > Yes you can. Please use newer version of centos and strong/openswan.
> >
> > Eero
> > 21.3.2016 7.05 ip. "Glenn Pierce" <glennpierce at
gmail.com> kirjoitti:
> >
> > > Hi I hope someone can answer something I'm sure is quite
basic.
> > >
> > > I am following the instructions at
> > >
https://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-vpn.html
> > > On setting up a VPN
> > >
> > > The part I am having trouble with is when it show the
> > > /etc/racoon/racoon.conf file.
> > > But it doesn't say whay you have to do with this file.
> > >
> > > When I bring up my connection
> > >
> > > ifup bicester
> > >
> > > I get
> > > RTNETLINK answers: No such device
> > >
> > > looking at /var/messages I see
> > >
> > > ERROR: failed to bind to address 127.0.0.1[500] (Address already
in
> use).
> > > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
*.*.*.*[500]
> > > (Address already in use).
> > > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
*.*.*.*[500]
> > > (Address already in use).
> > > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
*.*.*.*[500]
> > > (Address already in use).
> > > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
::1[500]
> > > (Address already in use).
> > > Mar 21 17:01:05  racoon: INFO:
fe80::bcef:4fff:fe66:82ec%eth0[500]
> > > used as isakmp port (fd=25)
> > >
> > > There was an existing setup done long ago.
> > >
> > > How can I setup more than one vpn connection (manually as this is
a
> > > headless server)
> > > or is that not possible ?
> > >
> > > Thanks for any pointers
> > > _______________________________________________
> > > CentOS mailing list
> > > CentOS at centos.org
> > > https://lists.centos.org/mailman/listinfo/centos
> > >
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> >
>
>
>
> --
> ---~~.~~---
> Mike
> //  SilverTip257  //
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>

Mike - st257

2016-Mar-21 17:23 UTC

head link

[CentOS] IPSec multiple VPN setups

On Mon, Mar 21, 2016 at 1:17 PM, Mike - st257 <silvertip257 at gmail.com>
wrote:
> I second Eero's comment, use a new IPSec daemon.
>
> Openswan was forked and became Libreswan. Paul, now a RH employee, was a
> main developer for the Openswan project before he and others created the
> Libreswan fork.
> https://libreswan.org/
>
> EL6 has Openswan
> EL7 has Libreswan
>
> Racoon isn't all that fun to work with.
> If you have the option, ditch it and EL5 and move to a newer platform
> (preferably EL7 with Libreswan).
>
There's an RPM spec file (though I've not used it) for building Openswan
for EL5.
https://github.com/xelerance/Openswan/tree/master/packaging/centos5

Additionally, here's some info but I advise against the Racoon IPSec daemon.
https://www.centos.org/docs/5/html/5.2/Deployment_Guide/sec-racoon-conf.html
https://wiki.debian.org/IPsec

>
>
> On Mon, Mar 21, 2016 at 1:08 PM, Eero Volotinen <eero.volotinen at
iki.fi>
> wrote:
>
>> Yes you can. Please use newer version of centos and strong/openswan.
>>
>> Eero
>> 21.3.2016 7.05 ip. "Glenn Pierce" <glennpierce at
gmail.com> kirjoitti:
>>
>> > Hi I hope someone can answer something I'm sure is quite
basic.
>> >
>> > I am following the instructions at
>> >
https://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-vpn.html
>> > On setting up a VPN
>> >
>> > The part I am having trouble with is when it show the
>> > /etc/racoon/racoon.conf file.
>> > But it doesn't say whay you have to do with this file.
>> >
>> > When I bring up my connection
>> >
>> > ifup bicester
>> >
>> > I get
>> > RTNETLINK answers: No such device
>> >
>> > looking at /var/messages I see
>> >
>> > ERROR: failed to bind to address 127.0.0.1[500] (Address already
in
>> use).
>> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
*.*.*.*[500]
>> > (Address already in use).
>> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
*.*.*.*[500]
>> > (Address already in use).
>> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
*.*.*.*[500]
>> > (Address already in use).
>> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address ::1[500]
>> > (Address already in use).
>> > Mar 21 17:01:05  racoon: INFO: fe80::bcef:4fff:fe66:82ec%eth0[500]
>> > used as isakmp port (fd=25)
>> >
>> > There was an existing setup done long ago.
>> >
>> > How can I setup more than one vpn connection (manually as this is
a
>> > headless server)
>> > or is that not possible ?
>> >
>> > Thanks for any pointers
>> > _______________________________________________
>> > CentOS mailing list
>> > CentOS at centos.org
>> > https://lists.centos.org/mailman/listinfo/centos
>> >
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
>
>
>
> --
> ---~~.~~---
> Mike
> //  SilverTip257  //
>


-- 
---~~.~~---
Mike
//  SilverTip257  //

Eero Volotinen

2016-Mar-21 17:36 UTC

head link

[CentOS] IPSec multiple VPN setups

Centos 5 is still soon end of life. Using it as ipsec gateway is ..

Eero
21.3.2016 7.25 ip. "Mike - st257" <silvertip257 at gmail.com>
kirjoitti:
> On Mon, Mar 21, 2016 at 1:17 PM, Mike - st257 <silvertip257 at
gmail.com>
> wrote:
>
> > I second Eero's comment, use a new IPSec daemon.
> >
> > Openswan was forked and became Libreswan. Paul, now a RH employee, was
a
> > main developer for the Openswan project before he and others created
the
> > Libreswan fork.
> > https://libreswan.org/
> >
> > EL6 has Openswan
> > EL7 has Libreswan
> >
> > Racoon isn't all that fun to work with.
> > If you have the option, ditch it and EL5 and move to a newer platform
> > (preferably EL7 with Libreswan).
> >
>
> There's an RPM spec file (though I've not used it) for building
Openswan
> for EL5.
> https://github.com/xelerance/Openswan/tree/master/packaging/centos5
>
> Additionally, here's some info but I advise against the Racoon IPSec
> daemon.
>
>
https://www.centos.org/docs/5/html/5.2/Deployment_Guide/sec-racoon-conf.html
> https://wiki.debian.org/IPsec
>
>
> >
> >
> > On Mon, Mar 21, 2016 at 1:08 PM, Eero Volotinen <eero.volotinen at
iki.fi>
> > wrote:
> >
> >> Yes you can. Please use newer version of centos and
strong/openswan.
> >>
> >> Eero
> >> 21.3.2016 7.05 ip. "Glenn Pierce" <glennpierce at
gmail.com> kirjoitti:
> >>
> >> > Hi I hope someone can answer something I'm sure is quite
basic.
> >> >
> >> > I am following the instructions at
> >> >
https://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-vpn.html
> >> > On setting up a VPN
> >> >
> >> > The part I am having trouble with is when it show the
> >> > /etc/racoon/racoon.conf file.
> >> > But it doesn't say whay you have to do with this file.
> >> >
> >> > When I bring up my connection
> >> >
> >> > ifup bicester
> >> >
> >> > I get
> >> > RTNETLINK answers: No such device
> >> >
> >> > looking at /var/messages I see
> >> >
> >> > ERROR: failed to bind to address 127.0.0.1[500] (Address
already in
> >> use).
> >> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
*.*.*.*[500]
> >> > (Address already in use).
> >> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
*.*.*.*[500]
> >> > (Address already in use).
> >> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
*.*.*.*[500]
> >> > (Address already in use).
> >> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
::1[500]
> >> > (Address already in use).
> >> > Mar 21 17:01:05  racoon: INFO:
fe80::bcef:4fff:fe66:82ec%eth0[500]
> >> > used as isakmp port (fd=25)
> >> >
> >> > There was an existing setup done long ago.
> >> >
> >> > How can I setup more than one vpn connection (manually as
this is a
> >> > headless server)
> >> > or is that not possible ?
> >> >
> >> > Thanks for any pointers
> >> > _______________________________________________
> >> > CentOS mailing list
> >> > CentOS at centos.org
> >> > https://lists.centos.org/mailman/listinfo/centos
> >> >
> >> _______________________________________________
> >> CentOS mailing list
> >> CentOS at centos.org
> >> https://lists.centos.org/mailman/listinfo/centos
> >>
> >
> >
> >
> > --
> > ---~~.~~---
> > Mike
> > //  SilverTip257  //
> >
>
>
>
> --
> ---~~.~~---
> Mike
> //  SilverTip257  //
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>

Leon Fauster

2016-Mar-21 22:23 UTC

head link

[CentOS] IPSec multiple VPN setups

Am 21.03.2016 um 18:17 schrieb Mike - st257 <silvertip257 at
gmail.com>:> I second Eero's comment, use a new IPSec daemon.
> 
> Openswan was forked and became Libreswan. Paul, now a RH employee, was a
> main developer for the Openswan project before he and others created the
> Libreswan fork.
> https://libreswan.org/
> 
> EL6 has Openswan
> EL7 has Libreswan
> 
> Racoon isn't all that fun to work with.
> If you have the option, ditch it and EL5 and move to a newer platform
> (preferably EL7 with Libreswan)

Libreswan will be in the next EL6 release ...

--
LF

Eero Volotinen

2016-Mar-22 04:36 UTC

head link

[CentOS] IPSec multiple VPN setups

Anyway, they both use compatible config files?

Eero
22.3.2016 12.23 ap. "Leon Fauster" <leonfauster at
googlemail.com> kirjoitti:
> Am 21.03.2016 um 18:17 schrieb Mike - st257 <silvertip257 at
gmail.com>:
> > I second Eero's comment, use a new IPSec daemon.
> >
> > Openswan was forked and became Libreswan. Paul, now a RH employee, was
a
> > main developer for the Openswan project before he and others created
the
> > Libreswan fork.
> > https://libreswan.org/
> >
> > EL6 has Openswan
> > EL7 has Libreswan
> >
> > Racoon isn't all that fun to work with.
> > If you have the option, ditch it and EL5 and move to a newer platform
> > (preferably EL7 with Libreswan)
>
>
> Libreswan will be in the next EL6 release ...
>
> --
> LF
>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>

Seemingly Similar Threads

Search for more apparently analagous threads

CentOS - Mar 2016 - IPSec multiple VPN setups

[CentOS] IPSec multiple VPN setups

[CentOS] IPSec multiple VPN setups

[CentOS] IPSec multiple VPN setups

[CentOS] IPSec multiple VPN setups

[CentOS] IPSec multiple VPN setups

[CentOS] IPSec multiple VPN setups

Seemingly Similar Threads