search for: ipseced

Hi, I have tried to enable IPSec support for my FreeBSD( 4.11-RELEASE) system. First, I copied the generic kernel configuration file to a file I called MYKERNEL: #cp /usr/src/sys/i386/conf/GENERIC /usr/src/sys/i386/conf/MYKERNEL Then, I added the following three lines to the options section of /usr/src/sys/i386/conf/MYKERNEL: options IPSEC options IPSEC_ESP options

Hello all -- I am trying to get Shorewall, ipsec and RedHat ES version 3 to cooperate. Before posting any specific problems, I thought I''d find out if I have the right stuff to work with. (I''ve gotten ipsec to work flawlessly with Shorewall using RH 8 and 9 kernels, so I have some experience with it. Shorewall 2.0.12 works fine on this ES 3 box, except for the ipsec part)

Hi, Does anyone have experience using IPSEC on CentOS in order to connect to vendor IPSEC-based VPN products (specifically Checkpoint FW1) ? Is the included IPSEC implementation sufficient, or do people have to rely on OpenSWAN or FreeSWAN ? I'd be testing tomorrow and I'm interested with experiences others have had and things to look out for. Thanks in advance, -- dag wieers, dag

Hi everyone, First of all, this is my first post in this ML, so I''m not sure that this is the right place for my question (please don''t shoot me down ;)). For the record, I''ve been reading and using LARTC for almost 3 years now, and it''s a great help for anyone who wants to learn linux networking. My problem: I want to setup a tunnel for the following

Hi, I successfully connected quite a few servers with their associated networks using Suse 9.1/9.2 (Kernel 2.6.x) and IPSEC tunnels. But now I have to add another server that has a ADSL connection to the internet, that means it has a dynamic IP address which is likely to change every few hours, since the provider disconnects from time to time. I found a way to restart the IPSEC connection when

Hi, I am trying to setup ipsec tunnel between Freebsd (host1) and Linux (host2) systems.And I also interested in executing some ipsec test cases( Like TAHI conformance test suite) on the same connection. Please, suggest me some details regarding this setup and Specify any materials which can be obtained from from any locations(site).. I have enabled IPSec support for FreeBSD (4.11 Release) and

> -----Original Message----- > From: Greg Panula [mailto:greg.panula@dolaninformation.com] > Sent: 12 May 2003 11:10 > To: Matthew Braithwaite > Cc: stable@freebsd.org > Subject: Re: iHEADS UP: ipsec packet filtering change > > You don't really need the gif tunnels for ipsec. Gif is more geared > towards ipv4 <=> ipv6 type tunnels. A few of ipsec

Hello, it looks like the usual way to do ipsec on centos5 won't work anymore on centos6 I installed ipsec-tools but an interface type IPsec is not recognized by the kernel ifup ipsec0 Device does not seem to be present, delaying initialization. I am not planning to use the awful OpenSwan, I Want to sue the Kame implementation which was working fine on CentOS5 any hints ? thank you

hi, I can''t get a freeswan 2.02 ipsec x509 connection at work can somebody help me? ************************************************************************************* global situation ************************************************************************************* the linux gateway (chivas) is a single machine 192.168.1.250 with a local net 192.168.1.0/24, a dyn IP via a DSL

Dear Shorewall Users :-) I''ve been playing with shorewall for some time now - I found it really interesting and easy tool to organise all the rules and so on (beforethat I''ve been using simple iptables rules in shell script ;-) Generally it''s quite easy to be used, but anyway found one problem which I cannot handle myself - or in other words - cannot find appropriate

Hi, Just seeking some clarification on the current state of play with masqing ipsec connections. I have a client who establishs many different outbound ipsec connections. So thats - many local clients, through linux firewall, to many different ipsec ''servers''. they currently assign a public ip for outbound nat to each user to connect out to the ipsec connection, so we have a one

Hello ! I have a performance issue with Kernel 2.6.X and policy match support as suggested in http://shorewall.net/IPSEC-2.6.html. My IPSEC performance doesn''t exeed about 30kbyte/sec even if my downlink is 1024kbit/sec and should reach more than 100kbyte/sec. No, its not the cpu''s performance (AMD Barton 2500+) and no it''s not the gateway (CELERON 600 Mhz) on the

Hi! I''m testing IPSec tunnels, having the following test schemma: Host A - eth0: 192.168.1.67 eth1: 192.168.10.1 Host B - eth0: 192.168.1.254 eth1: 192.168.20.1 I''ve succesfully configured an IPSec tunnel in order to safely communicate from 192.168.10.0/24 (which is obviously behind Host A), and 192.168.20.0/24 (obviously behind Host B) In this test

While I have concentrated on support for 2.6 native IPSEC in release 2.2.0, I am still of the opinion that unless you absolutely need IPSEC compatibility that OpenVPN is a much easier (and in the case of roadwarriors, a much better) solution. Having already generated all of the required X.509 certificates, it took me less than 1/2 hr to replace my IPSEC testbed with an OpenVPN one using the new

Hi all, ive been reading lartc howto, im new about traffic shaping/police. As far as red (chapter 9 complete) i saw that first the packet passes at the ingress qdisc, then it passes to the ip stack if the packet is directed to the box or its forwarded (is my case), then it falls to the egress classifier/s. Now, i understand if i have an ipsec vpn at the outside interface, the egress

class wrote on 06/10/2004 11:18:48: > Hello, I have the following situation: > > 192.168.176.0/24 ------ A ========== B ------ 192.168.177.0/24 > 192.168.176.2 pop3 ipsec > racoon > > > policy: (Machine A and B) > ------- > loc vpn ACCEPT > vpn loc ACCEPT > all

class wrote on 06/10/2004 11:18:48: > Hello, I have the following situation: > > 192.168.176.0/24 ------ A ========== B ------ 192.168.177.0/24 > 192.168.176.2 pop3 ipsec > racoon > > > policy: (Machine A and B) > ------- > loc vpn ACCEPT > vpn loc ACCEPT > all

Hi, I have FreeBSD box with network interface having y.y.y.y ip address. On same box i configure next ipsec ploicys to process trafic from hardware ipsec enabled device. spdadd 0.0.0.0/0 x.x.x.x/24 any -P out ipsec esp/tunnel/y.y.y.y-z.z.z.z/require; spdadd x.x.x.x/24 0.0.0.0/0 any -P in ipsec esp/tunnel/z.z.z.z-y.y.y.y/require; Is it possible to see decrypted incoming packets, and outgoing

Hey guys I''ve been beating my head on this for a few hours. Maybe it is just a stupid configuration error you can point me at. First here is a small diagram of what I am trying to configure: http://6bit.com/img/netdiag.png Currently I only have Shorewall running on the host on the right of the diagram until I can get this working then I''ll add it to the other host as well.

Hi all, I want to allocate bandwidth for ipsec interface using CBQ/tc. Suppose the conf. file is like this, DEVICE=ipsec0,10Mbit,1Mbit RATE=128Kbit WEIGHT=10Kbit PRIO=5 RULE=192.128.1.0/24 Does it work or What else options need to be taken care like ipsec packets/protocol/port # etc.? C''d anybody suggest please? regds, Srikanth. _______________________________________________ LARTC