search for: ipsecx

Hi all, ive been reading lartc howto, im new about traffic shaping/police. As far as red (chapter 9 complete) i saw that first the packet passes at the ingress qdisc, then it passes to the ip stack if the packet is directed to the box or its forwarded (is my case), then it falls to the egress classifier/s. Now, i understand if i have an ipsec vpn at the outside interface, the egress

...ns. I want to limit the services on one subnet however. Cuurently I have defined a vpn zone for the current connection and allow all vpn<->loc traffic. How would I go about in tightening the rope for this other connection? >From the docs I have seen FreeSwan will simply create another ipsecX interface which would simplify the situation if a just assign a new zone to each ipsecX interface. But this would require that I ''force'' FreeSwan to open up ipsec2 for vpn zone2 and ipsec0 for the first vpn zone (if this is possible at all). Any experiences with this and can...

...2.4.32 kernel. On the same host I run IPSec. I have discovered after a few hours of networking problems that, when IPSec is enabled on that patched kernel, inspecting packets with tcpdump while arping-ing a host from a network physically connected to this machine, the arp requests show up on the ipsecX interface instead of the ethX interface. When IPSec isn''t running, Julian''s code works fine. I suspect it has something to do with having two interfaces with the same data (ipsecX mirroring the configuration from ethX). Can anyone give me a hint on how could I solve this proble...

we have an external 2Mbit dsl connection and running on it are several gre vpn tunnels so far i''ve given priority to the vpn traffic (using htb) can i now put rules in for the tunnels to control traffic within each tunnel (that''s where our video conferencing etc runs)? or can i only control the real interface (eth1 in our setup)? if not can i somehow see the packets inside the

Hi All, I''ve got an interoffice IPSEC VPN in place that I''m trying to give priority to terminal service (tcp 3389) traffic. I''ve created rules at each end, but have hit a bit of a dillemma. As the data is encrypted I must also give highest priority to protocol 50 otherwise the priority is lost as the packet gets encrypted. When I do this however, I can''t

Helo to all, I am attempting to establish an IPSEC tunnel to a remote freeswan G/W with my laptop. My laptop sits in behind shorewall at home. From the documentation, this is what I Modified in Shorewall: /etc/shorewall/tunnels: ipsec loc 24.65.x.x /etc/shorewall/policy vpn loc ACCEPT loc vpn ACCEPT My question is, have I left anything out?

OK, I''m stumped. I''ve read through most of the LARTC HOWTO and have yet to find a basis for what I need to accomplish. I have a Linux box that controls access to and from the Internet at my workplace. We have a number of remote employees that connect via PPTP and IPSEC to the office''s internal network. Some of these remote employees are currently using SIP phones.

Hi, I have what to me is an interesting issue. I am wanting to prioritize (QoS) traffic that will be passing through an IPSec (OpenS/WAN) VPN between two (identical) Linux routers. I know that I can apply the IPSec patches (1-4) to the kernel and IPTables (if they are not already applied by now) filter traffic before and after IPSec encapsulation. My problem is that I don''t know