search for: ipsec2

...tightening the rope for this other connection? >From the docs I have seen FreeSwan will simply create another ipsecX interface which would simplify the situation if a just assign a new zone to each ipsecX interface. But this would require that I ''force'' FreeSwan to open up ipsec2 for vpn zone2 and ipsec0 for the first vpn zone (if this is possible at all). Any experiences with this and can FreeSwan indeed be forced to create a certain interface number for a certain connection? Thanx for any input! Remco -- This message has been scanned for viruses and dangerous cont...

...ther 00:c0:9f:1e:fa:99 brd ff:ff:ff:ff:ff:ff inet 208.10.57.129/28 brd 208.10.57.143 scope global ipsec0 181: ipsec1: <NOARP,UP> mtu 1280 qdisc pfifo_fast qlen 10 link/ether 00:c0:9f:1e:fa:99 brd ff:ff:ff:ff:ff:ff inet 208.10.57.130/28 brd 208.10.57.143 scope global ipsec1 182: ipsec2: <NOARP> mtu 0 qdisc noop qlen 10 link/ipip 183: ipsec3: <NOARP> mtu 0 qdisc noop qlen 10 link/ipip ip route show 192.168.0.101 via 208.10.57.142 dev ipsec0 208.10.57.128/28 dev eth0 scope link 208.10.57.128/28 dev ipsec0 proto kernel scope link src 208.10.57.129 208.10.5...

....168.10.1/24 brd 192.168.100.255 scope global eth2 12: ipsec0: <NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 10 link/ether 00:04:e2:1c:f5:db brd ff:ff:ff:ff:ff:ff inet 64.42.53.202/29 brd 64.42.53.207 scope global ipsec0 13: ipsec1: <NOARP> mtu 0 qdisc noop qlen 10 link/void 14: ipsec2: <NOARP> mtu 0 qdisc noop qlen 10 link/void 15: ipsec3: <NOARP> mtu 0 qdisc noop qlen 10 link/void [root@ns1 root]#

...inet 10.1.1.1 peer 10.1.1.2/32 scope global tun0 6: ipsec0: <NOARP,UP> mtu 16260 qdisc pfifo_fast qlen 10 link/ether 00:02:e3:13:02:78 brd ff:ff:ff:ff:ff:ff inet 216.12.22.89/26 brd 216.12.22.127 scope global ipsec0 7: ipsec1: <NOARP> mtu 0 qdisc noop qlen 10 link/ipip 8: ipsec2: <NOARP> mtu 0 qdisc noop qlen 10 link/ipip 9: ipsec3: <NOARP> mtu 0 qdisc noop qlen 10 link/ipip firewall: -root- # ip route sho 216.12.22.89 via 10.1.1.2 dev tun0 10.1.1.2 dev tun0 proto kernel scope link src 10.1.1.1 216.12.22.64/26 dev eth0 proto kernel scope link...

...5: tunl0@NONE: <NOARP> mtu 1480 qdisc noop link/ipip 0.0.0.0 brd 0.0.0.0 6: gre0@NONE: <NOARP> mtu 1476 qdisc noop link/gre 0.0.0.0 brd 0.0.0.0 7: ipsec0: <NOARP> mtu 0 qdisc noop qlen 10 link/void 8: ipsec1: <NOARP> mtu 0 qdisc noop qlen 10 link/void 9: ipsec2: <NOARP> mtu 0 qdisc noop qlen 10 link/void 10: ipsec3: <NOARP> mtu 0 qdisc noop qlen 10 link/void 11: sit0@NONE: <NOARP> mtu 1480 qdisc noop link/sit 0.0.0.0 brd 0.0.0.0 $ ip route show 66.17.244.0/24 dev eth0 proto kernel scope link src 66.17.244.20 default v...

Hello! I am using shorewall shorewall-2.0.11-1 on fedora core2 (iptables-1.2.9-95.7). My box has 2 physical nic´s plus one virt. ipsec interface for a freeswan-vpn connection. A few days ago, portsentry spit out a lot of connections from windows clients (port 135, 445). Ooops. I review my shorewall settings but could not find a mistake. So I took a win-client and established a second

...et 172.16.1.1 peer 172.16.1.2/32 scope global tun0 13: ipsec0: <NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 10 link/ether 00:04:e2:1c:f5:db brd ff:ff:ff:ff:ff:ff inet 64.42.53.202/29 brd 64.42.53.207 scope global ipsec0 14: ipsec1: <NOARP> mtu 0 qdisc noop qlen 10 link/void 15: ipsec2: <NOARP> mtu 0 qdisc noop qlen 10 link/void 16: ipsec3: <NOARP> mtu 0 qdisc noop qlen 10 link/void [root@ns1 root]# ip route show 172.16.1.2 dev tun0 proto kernel scope link src 172.16.1.1 64.42.53.203 dev eth2 scope link 64.42.53.200/29 dev eth0 scope link 64.42.53.200/29...