search for: preshar

...n.conf with generate_policy on; This way your clients connect and racoon sets up any policy they request. This is a bit ugly as you have to trust them not to screw up your policy but seems to be the only solution currently availale with racoon. You will also want to use certificates instead of preshared keys for authentication unless you are comfortable with having a single preshared key for all your roaming users. Solution 2: We have a setup where we have 3 offices each with dynamic ip's and freebsd boxes as their gateways. The boxes all run scripts to register their dynamic ip address a...

...p working configuration - i am using it for pptpd (VPN server) to authentificate against freeradius with ldap . Windows VPN client can connect to our company network and use it. Next i want to add user/password auth to our WIFI (based on Dlink AP - with radius support). We are currently using wpa-preshared key. i want to use wpa enterprise with ldap authentification (providing username and password) without need to install any certificate on windows. First to make a clear - how do i achieve it? --- i mean exactly which protocol i need to use and how it works (some shortcut to such howto) How do i...

Hi All: Ok, here is my network: 192.168.1.0/28 is the network behind the Cisco, the Gig0/1 interface is 192.168.1.1. Linux box is 192.168.1.96/28 behind with 192.168.1.97 the Eth1 interface. I have the Ipsec tunnel up and working between them using preshared keys. So that works. Here is the Cisco tunnel setup: interface Tunnel6 ip address 192.168.2.110 255.255.255.240 tunnel source 192.168.1.1 tunnel destination 192.168.1.97 Here is the Linux Tunnel setup: modprobe ip_gre ip tunnel add GDC1 mode gre remote 192.168.1.1 local 192.168.1.97 ttl 255...

...stablish the SA. I am not understading as to why it is going in key_checkrequest ans crashing. Please anyone who have used racoon with hfreebsd-4.11 can guide me if i am doing something wrong. The config file is given below. I have compiled the kernel with IPSEC ,IPSEC_ESP options. I am using a preshared key file. my configuration file is given below: #!/usr/local/bin/racoon # CONFIGURATION FILE FOR 192.168.190.44 path include "/root"; path pre_shared_key "/root/psk.txt"; log debug2; padding { maximum_length 20; randomize off; strict_check off; exclusive_tail off; }...

IF you are not stuck to IPSec, you might want to take a look at OpenVPN (www.openvpn.org). I found OpenVPN easier to install than FreeSWAN (an IPSEC VPN) and have setup an OpenVPN solution between my German office and our mainoffice in a matter of hours. Thom van der Boon E-Mail: Thom.van.der.Boon at vdb.nl ===== Thom.H. van der Boon b.v. Havens 563 Jan Evertsenweg 2-4 NL-3115 JA Schiedam

...4.1.164.95:500 -> 64.1.164.92:500: isakmp 1.0 msgid 00000000: phase 1 I ident: (sa: doi=ipsec situation=identity (p: #1 protoid=isakmp transform=1 (t: #1 id=ike (type=lifetype value=sec)(type=lifeduration len=4 value=00015180)(type=enc value=3des)(type=auth value=preshared)(type=hash value=sha1)(type=group desc value=modp1024)))) 2004-01-13 13:36:41: DEBUG: sockmisc.c:421:sendfromto(): sockname 64.1.164.95[500] 2004-01-13 13:36:41: DEBUG: sockmisc.c:423:sendfromto(): send packet from 64.1.164.95[500] 2004-01-13 13:36:41: DEBUG: sockmisc.c:425:sendfromto():...

Morning all... I have a Dedicated server in a data center in Germany, and it has 2 3TB drives, but only software RAID. I have got them to install VMWare ESXi and so far everything is going ok... I have the 2 drives as standard data stores... But i am paranoid... So, i installed Nexenta as a VM, gave it a small disk to boot off and 2 1Tb disks on separate physical drives... I have created a

...load *Mar 1 06:30:02.899: ISAKMP (0:1): vendor ID seems Unity/DPD but major 139 mismatch *Mar 1 06:30:02.899: ISAKMP: Looking for a matching key for 1.1.1.1 in default : success *Mar 1 06:30:02.899: ISAKMP (0:1): found peer pre-shared key matching 1.1.1.1 *Mar 1 06:30:02.899: ISAKMP (0:1) local preshared key found *Mar 1 06:30:02.899: ISAKMP : Scanning profiles for xauth ... *Mar 1 06:30:02.899: ISAKMP (0:1): Checking ISAKMP transform 1 against priority 1 policy *Mar 1 06:30:02.903: ISAKMP: encryption 3DES-CBC *Mar 1 06:30:02.903: ISAKMP: hash MD5 *Mar 1 06:30:02.903: ISAKMP:...