search for: freeswan

I am new to Shorewall and FreeSwan, please excuse my ignorance I was wondering if someone could help me. I had help getting my FreeSwan running with the following iptables commands: iptables -I FORWARD -s 0/0 -d 192.168.1.0/24 -i ipsec0 -o eth1 -j ACCEPT iptables -I FORWARD -s 192.168.1.0/24 -d 0/0 -i eth1 -o ipsec0 -j ACCEPT...

Hi all! I have got a vpn connection set up using FreeSwan and shorewall. Everything works fine but I want to add another subnet to the whole. This means that 1 box will get two net-to-net connections. I want to limit the services on one subnet however. Cuurently I have defined a vpn zone for the current connection and allow all vpn<->loc traffi...

I have been using shorewall and freeswan successfully for 3 or more years now. But they have all been using the Linux 2.4 kernel. My current configuration is (as the title suggests) using SuSE 9.1 which has a 2.6.5 kernel and freeswan 2.0.4 built-in. After much reading and a lot of trial and error, I did get this combination to work with...

...s hosts). rw rw ACCEPT rw loc ACCEPT loc rw ACCEPT /etc/shorewall/tunnels ipsec net 0.0.0.0/0 rw Am I missing something? -Tom > > > ------------------------------------------------------------------------ > > Subject: > [Shorewall-devel] Building custom _updown script for freeswan to make it > talk with shorewall > From: > Tuomo Soini <tis@foobar.fi> > Date: > Sat, 21 Sep 2002 22:23:07 +0300 > To: > Shorewall Devel <shorewall-devel@shorewall.net> > > > I have a plan to make freeswan and shorewall talk to each other. > > Sho...

Hello, I seem to have the Freeswan IPSEC tunnel working between my two sites, but I am still having a problem that looks to be because of something I have configured wrong in my shorewall setup.. I have a LEAF Oxygen < 1.9 heavily modifed firewall setup.. Using FreeSwan 1.91, and Kernel 2.4.8. Modified to use IPTables and st...

...lo, I have setup a samba server at my office as a PDC it stores the profiles on the server fine. I can access the profiles from any computer in the office just fine. My problem is that I work from home 4 days a week and need to access my work profile. I currently VPN into the office network via freeswan. I can log into the the domain from the vpn'd connection and I can access the samba shares. I have samba setup as a WINS server and everything is working great. I am just unable to access my Win2k profile through the VPN. Can anyone tell me how to fix this and if it is even possible. Lando...

I have a plan to make freeswan and shorewall talk to each other. Shorewall doesn''t currently have proper handles to make ipsec and firewall work properly together and I''m planning on building a custom _updown script for freeswan to make it communicate with shorewall. How can I make shorewall work properly...

IF you are not stuck to IPSec, you might want to take a look at OpenVPN (www.openvpn.org). I found OpenVPN easier to install than FreeSWAN (an IPSEC VPN) and have setup an OpenVPN solution between my German office and our mainoffice in a matter of hours. Thom van der Boon E-Mail: Thom.van.der.Boon at vdb.nl ===== Thom.H. van der Boon b.v. Havens 563 Jan Evertsenweg 2-4 NL-3115 JA Schiedam Tel.: +31 (0)10 4272727 Fax: +31 (0)10 47...

...on we have a Centos3 box Natting via iptables the internal 192.168.10.x netowrk. My goal is to connect this 2 over the internet via IPsec. I created the IPsec Net2Net via the network configuration graphic tool, and I configured the cisco following the howto http://www.johnleach.co.uk/documents/freeswan-pix/freeswan-pix.html . From my understanding, I should have an ipsec0 network device showing up, so that I could route all traffic from 192.168.10.x directed to 192.168.100.x through it. The thing is that when I try to ifup ipsec0 I get the following errors: modprobe: modprobe: Can't loc...

-----BEGIN PGP SIGNED MESSAGE----- The FreeSWAN project uses rsync to keep our FTP repository up-to-date. The FTP server is at xs4all.nl, and we rsync to one of their FreeBSD boxes (xs1.xs4all.nl) over SSH. We have been experiencing core dumps from the remote rsync. Initially this was with the XS4ALL provided rsync in /usr/local/bin/rsync. Sinc...

This is an idea from FreeSWAN, which was implemented in the recently released version 1.0. Basically the idea is that FreeSWAN sites automatically encrypt traffic between them when possible, without having to set up the link ahead of time. How this works is: The sites publish some info in DNS. FreeSWAN gets some traffic desti...

Hello, I''ve finally managed to setup a firewall with freeswan 2.04 using the kernel crypto api (backported from kernel 2.6). (Almost) everything seems to work fine if I disable shorewall, but packets are filtered whe shorewall is active. I''ve already read a past thread on the subject and I followed all the hints and it actually partially works: my...

...mand) of the linux kernel to solve the routing issues. When advanced routing is activated I can start tunnel0. After a few seconds their is still traffic on ipsec0 but not eth1. When I deactivate advanced routing and bring down eth2, tunnel0 works flawlessly. I used Debian Stable with kernel 2.4.20 Freeswan: 1.98b The setup for the advanced routing looks like this: - -snip- #!/bin/sh function ip { echo ip "$@" /sbin/ip "$@" } [ "$DEBUG" != "1" ] && unset ip # P1 Gateway, P1_NET Network address, IP1 local address, IF1 interfac e export IF1=eth0 ex...

I''m getting insane here. I''m running shorewall 1.3.11 with iptables 1.2.5 and freeswan 1.97 on a 2.4.18-8 kernel aka MNF. The setup is a followed: Lan (192.168.1.x) - FW (eth1 192.168.1.254 - eth0 64.x.y.71) - router 64.x.y.65 (which is default GW on eth0) -internet - 161.a.b.c (FW-1) So a windows client with checkpoint tries to connect to a vpn-1 server on the internet. The secur...

Hi. I am trying to force some traffic that goes to address 203.7.93.94 through a VPN tunnel. I use freeswan 1.98b and Shorewall 1.4.6c in one machine. The 203.7.93.94 is in the DMZ on the other end. (Both ends use the same shorewall and freeswan). I have successfully set up a tunnel between the two network (using a point to point topology, not hub). I added a static routing that redirect 203.7.93.94 to i...

>sample setups of freeswan working with shorewall? I just implemented this a few days ago. In my case it was the simple scenario of two private subnets (with different private network numbers!) already equipped with Shorewall firewalls on which I added Freeswan. The hardest part was being patient enough for the other end...

...cation without IKE support. Does anybody knows if is possible to make my FreeBSD box connect a VPN with the Linux box? If so, could point me to a documentation about how to install IPSec with RSA authentication and how to make it work with FreeS/WAN? I have already read the pages on the sites www.freeswan.org and www.kame.org but I didn?t find it. Thank?s Ronan

...nnel type IP is? but it isn''t a real tunnel, I really want to route everything between a host behind the firewall to a host outside the firewall with no security between them... it''s not like they are transmitting any info of any use to anyone. Also I am setting up VPNs... using freeswan and plain freeswan does not like nat''d packets, so I also use the same technique of poking a whole in the firewall and then running a vpn thru it. I haven''t fully tested the shorewall tunnel set up to do this, but I really need to know how to make a hole in the firewall first as I...

Hello all, I am configuring a vpn between freeswan and windows 2000. I am following the steps at http://www.jacco2.dds.nl/networking/win2000xp-freeswan.html, to get the VPN up and running. using this I have a ppp tunnel between windows and linux, which is inside a l2tp tunnel which is again encrypted by IPSec. (the url gives the configuration in de...

...ned, but clearly the handling of this error is incorrect. Note that the client terminates with non-zero error status (I don't know which one, but, I could find out), which causes our cron job to fail, which is why we noticed this in the first place. Script started on Sun Oct 13 01:52:45 2002 freeswan@xs1:~$ uname -a FreeBSD xs1.xs4all.nl 4.5-RELEASE-p3 FreeBSD 4.5-RELEASE-p3 #0: Fri Apr 19 11:42:45 CEST 2002 cor@xs0.xs4all.nl:/usr/src/sys/compile/XS4ALL-SMP i386 freeswan@xs1:~$ which rsync /home/f/freeswan/bin/rsync freeswan@xs1:~$ rsync --version rsync version 2.5.5 protocol version 26...