search for: ipsec

Displaying 20 results from an estimated 1141 matches for "ipsec".

Did you mean: ipset
2005 May 17
4
HOW TO Enable IPSec for FreeBSD.......???
Hi, I have tried to enable IPSec support for my FreeBSD( 4.11-RELEASE) system. First, I copied the generic kernel configuration file to a file I called MYKERNEL: #cp /usr/src/sys/i386/conf/GENERIC /usr/src/sys/i386/conf/MYKERNEL Then, I added the following three lines to the options section of /usr/src/sys/i386/conf/MYKERNEL...
2004 Dec 02
8
Correct Shorewall version for RedHat ES3
Hello all -- I am trying to get Shorewall, ipsec and RedHat ES version 3 to cooperate. Before posting any specific problems, I thought I''d find out if I have the right stuff to work with. (I''ve gotten ipsec to work flawlessly with Shorewall using RH 8 and 9 kernels, so I have some experience with it. Shorewall 2.0.12 works...
2006 Aug 21
3
Connecting CentOS to IPSEC VPN (Checkpoint FW1)
Hi, Does anyone have experience using IPSEC on CentOS in order to connect to vendor IPSEC-based VPN products (specifically Checkpoint FW1) ? Is the included IPSEC implementation sufficient, or do people have to rely on OpenSWAN or FreeSWAN ? I'd be testing tomorrow and I'm interested with experiences others have had and things to...
2005 Apr 27
5
26sec kame ipsec tunnel : packets leave unencrypted...
...orking. My problem: I want to setup a tunnel for the following networks (tunnel esp 3des): 192.168.1.0/24 -|A|- 62.212.109.16 <--- INTERNET ---> 82.234.240.117 -|B|- 192.168.0.0/24 On "B", setkey -DP gives the following: 192.168.0.0/24[any] 192.168.1.0/24[any] any out ipsec esp/tunnel/82.234.240.117-62.212.109.16/require created: Apr 27 12:18:35 2005 lastused: lifetime: 0(s) validtime: 0(s) spid=313 seq=5 pid=5812 refcnt=1 When I try to ping the A router from the B router (using 192.168. addresses of course), packets are sent...
2005 Apr 20
4
Linux Kernel 2.6, Ipsec, ADSL (dynamic addresses)
Hi, I successfully connected quite a few servers with their associated networks using Suse 9.1/9.2 (Kernel 2.6.x) and IPSEC tunnels. But now I have to add another server that has a ADSL connection to the internet, that means it has a dynamic IP address which is likely to change every few hours, since the provider disconnects from time to time. I found a way to restart the IPSEC connection when the ASDL connection res...
2005 May 23
2
How to setup IPSec tunnel between FreeBSD and Linux systems...?
Hi, I am trying to setup ipsec tunnel between Freebsd (host1) and Linux (host2) systems.And I also interested in executing some ipsec test cases( Like TAHI conformance test suite) on the same connection. Please, suggest me some details regarding this setup and Specify any materials which can be obtained from from any locations(s...
2003 May 15
2
FW: iHEADS UP: ipsec packet filtering change
> -----Original Message----- > From: Greg Panula [mailto:greg.panula@dolaninformation.com] > Sent: 12 May 2003 11:10 > To: Matthew Braithwaite > Cc: stable@freebsd.org > Subject: Re: iHEADS UP: ipsec packet filtering change > > You don't really need the gif tunnels for ipsec. Gif is more geared > towards ipv4 <=> ipv6 type tunnels. A few of ipsec how-to's mention > using gif tunnels and I've been tripped up by it, too. > > ipsec is much easier without the...
2013 Mar 04
6
Centos6 ipsec troubles
Hello, it looks like the usual way to do ipsec on centos5 won't work anymore on centos6 I installed ipsec-tools but an interface type IPsec is not recognized by the kernel ifup ipsec0 Device does not seem to be present, delaying initialization. I am not planning to use the awful OpenSwan, I Want to sue the Kame implementation which w...
2003 Oct 26
4
linux-xp x509 ipsec connection
hi, I can''t get a freeswan 2.02 ipsec x509 connection at work can somebody help me? ************************************************************************************* global situation ************************************************************************************* the linux gateway (chivas) is a single machine 192.168.1.250 w...
2008 Jan 22
10
IPSEC VPN to VPN firewalling problem
...organise all the rules and so on (beforethat I''ve been using simple iptables rules in shell script ;-) Generally it''s quite easy to be used, but anyway found one problem which I cannot handle myself - or in other words - cannot find appropriate way :-) I''ve set up VPN (IPSEC on 2.6 and racoon) on linux machine with iptables - generally VPN traffic lan<->vpn works fine. But I would like to make this box to be a VPN hub and I would like to allow vpn<->vpn traffic. I''ve spent a lot of time making Ipsec to work and finally I''ve achieved situa...
2006 Mar 13
1
clarification on ipsec and masqing
Hi, Just seeking some clarification on the current state of play with masqing ipsec connections. I have a client who establishs many different outbound ipsec connections. So thats - many local clients, through linux firewall, to many different ipsec ''servers''. they currently assign a public ip for outbound nat to each user to connect out to the ipsec connection,...
2005 Jan 30
11
Poor ipsec performance with policy match
Hello ! I have a performance issue with Kernel 2.6.X and policy match support as suggested in http://shorewall.net/IPSEC-2.6.html. My IPSEC performance doesn''t exeed about 30kbyte/sec even if my downlink is 1024kbit/sec and should reach more than 100kbyte/sec. No, its not the cpu''s performance (AMD Barton 2500+) and no it''s not the gateway (CELERON 600 Mhz) on the remote side. If I dis...
2004 Nov 15
1
IPSec tunnel
Hi! I''m testing IPSec tunnels, having the following test schemma: Host A - eth0: 192.168.1.67 eth1: 192.168.10.1 Host B - eth0: 192.168.1.254 eth1: 192.168.20.1 I''ve succesfully configured an IPSec tunnel in order to safely communicate from 192.168.10.0/24 (which is obviously behind Hos...
2004 Dec 19
6
IPSEC vs OpenVPN
While I have concentrated on support for 2.6 native IPSEC in release 2.2.0, I am still of the opinion that unless you absolutely need IPSEC compatibility that OpenVPN is a much easier (and in the case of roadwarriors, a much better) solution. Having already generated all of the required X.509 certificates, it took me less than 1/2 hr to replace my IPSEC...
2004 Sep 03
3
traffic queueing and ipsec vpn
...w about traffic shaping/police. As far as red (chapter 9 complete) i saw that first the packet passes at the ingress qdisc, then it passes to the ip stack if the packet is directed to the box or its forwarded (is my case), then it falls to the egress classifier/s. Now, i understand if i have an ipsec vpn at the outside interface, the egress classifiers will act before the packet leave the kernel and enter to the vpn tunnel, is this correct? Here''s my situation , i have a "headquarter" box that is a database (to call it with a name) and then a lot of branches that send queri...
2004 Oct 06
7
Re: IPsec problems with tunneled networks
class wrote on 06/10/2004 11:18:48: > Hello, I have the following situation: > > 192.168.176.0/24 ------ A ========== B ------ 192.168.177.0/24 > 192.168.176.2 pop3 ipsec > racoon > > > policy: (Machine A and B) > ------- > loc vpn ACCEPT > vpn loc ACCEPT > all all REJECT info > > > rules: (Machine A) > ------ > ACCE...
2004 Oct 06
7
Re: IPsec problems with tunneled networks
class wrote on 06/10/2004 11:18:48: > Hello, I have the following situation: > > 192.168.176.0/24 ------ A ========== B ------ 192.168.177.0/24 > 192.168.176.2 pop3 ipsec > racoon > > > policy: (Machine A and B) > ------- > loc vpn ACCEPT > vpn loc ACCEPT > all all REJECT info > > > rules: (Machine A) > ------ > ACCE...
2004 Apr 10
2
IPSec debug
Hi, I have FreeBSD box with network interface having y.y.y.y ip address. On same box i configure next ipsec ploicys to process trafic from hardware ipsec enabled device. spdadd 0.0.0.0/0 x.x.x.x/24 any -P out ipsec esp/tunnel/y.y.y.y-z.z.z.z/require; spdadd x.x.x.x/24 0.0.0.0/0 any -P in ipsec esp/tunnel/z.z.z.z-y.y.y.y/require; Is it possible to see decrypted incoming packets, and outgoing packets bef...
2007 Jan 05
18
GRE over IPSec VPN
...ram of what I am trying to configure: http://6bit.com/img/netdiag.png Currently I only have Shorewall running on the host on the right of the diagram until I can get this working then I''ll add it to the other host as well. I''ve read the docs on GRE/IPIP tunneling and the docs on IPSec transport with the 2.6 kernel. I''ve been able to get the IPSec transport connection set up successfully and the ESP packets are successfully flowing through the firewall. I am running Kernel 2.6.18, Shorewall 3.2.4, iptables 1.3.5, and iproute iproute2-ss060323. The problem is that I ca...
2003 Apr 07
4
BW using CBQ/tc for VPN Ipsec i/f?
Hi all, I want to allocate bandwidth for ipsec interface using CBQ/tc. Suppose the conf. file is like this, DEVICE=ipsec0,10Mbit,1Mbit RATE=128Kbit WEIGHT=10Kbit PRIO=5 RULE=192.128.1.0/24 Does it work or What else options need to be taken care like ipsec packets/protocol/port # etc.? C''d anybody suggest please? regds, Srikanth....