similar to: Kernel packages and 3rd party kernel modules

Sorry Dag, it is possible to use linux as a roadwarrior client: http://www.fw-1.de/aerasec/ng/vpn-racoon/CP-VPN1-NG-Linux-racoon-roadwarrior.html -------- Original Message -------- Subject: Re: [CentOS] Connecting CentOS to IPSEC VPN (Checkpoint FW1) Date: Mon, 21 Aug 2006 15:20:55 +0200 From: carlopmart <carlopmart at gmail.com> To: CentOS mailing list <centos at centos.org>

Hi, Does anyone have experience using IPSEC on CentOS in order to connect to vendor IPSEC-based VPN products (specifically Checkpoint FW1) ? Is the included IPSEC implementation sufficient, or do people have to rely on OpenSWAN or FreeSWAN ? I'd be testing tomorrow and I'm interested with experiences others have had and things to look out for. Thanks in advance, -- dag wieers, dag

On Mon, 27 Sep 2004, Rick Graves wrote: > > Please change $releasever manually by '3', and > > everything should work. > > That seems to have fixed accessing your repository. > > I only typed > > yum list j2re > > and now it is downloading lots of headers. > > I stopped it by pressing Ctrl-c many times fast. > > I think I am up to

A number of new packages are now in the contrib repository including cluster manager, courier-imap, maildrop and piranha - amongst others - thanks to bilbo for these. (we are still waiting for some of the src.rpms) There are also kernels for i586 in the contrib section. contrib packages are supplied by third parties, not (necessarily) tested by CentOS developers and not GPG signed by Centos.

Hi, is there anybody running centos3 (el3) with a standard kernel 2.4.32 or newer, because it seems openswan versions > 2.21 don''t run with centos3(el3) anymore. But we need the newer openswan versions. Problem arise when I try to build the ipsec.o module: /usr/src/openswan-2.4.4/linux/net/ipsec/ipsec_init.c /usr/src/openswan-2.4.4/linux/net/ipsec/ipsec_init.c: In function

Hi All, I upgraded from 5.3 to 5.4 today on a vpn gateway using openswan. After the upgrade the vpn stopped working. From what I could tell the new version of openswan uses NSS. I tried following the instructions in this thead https://bugzilla.redhat.com/show_bug.cgi?id=508107 without success. # certutil -N -d sql:/etc/ipsec.d certutil: function failed: security library: bad database.

To be fair its not highly sensitive info we are dealing with. -----Original Message----- From: "Eero Volotinen" <eero.volotinen at iki.fi> Sent: ?21/?03/?2016 17:51 To: "CentOS mailing list" <centos at centos.org> Subject: Re: [CentOS] IPSec multiple VPN setups Err. Sounds like security nightmare. 21.3.2016 7.47 ip. "Glenn Pierce" <glennpierce at

Hello, I'm having a bit of trouble connecting our current CentOS Openswan server with a Vyos server via IPSec. I've posted this on the VyOS forums, but haven't had many helpful responses, so I thought I would ask here. http://forum.vyos.net/showthread.php?tid=26504&pid=29703#pid29703 Basically our Openswan configuration is as follows: conn VYOS keyingtries=0

Will ask my boss :) We are hosted on memset so not so easy to update Thanks On 21 March 2016 at 17:36, Eero Volotinen <eero.volotinen at iki.fi> wrote: > Centos 5 is still soon end of life. Using it as ipsec gateway is .. > > Eero > 21.3.2016 7.25 ip. "Mike - st257" <silvertip257 at gmail.com> kirjoitti: > >> On Mon, Mar 21, 2016 at 1:17 PM, Mike -

On Mon, Mar 21, 2016 at 1:17 PM, Mike - st257 <silvertip257 at gmail.com> wrote: > I second Eero's comment, use a new IPSec daemon. > > Openswan was forked and became Libreswan. Paul, now a RH employee, was a > main developer for the Openswan project before he and others created the > Libreswan fork. > https://libreswan.org/ > > EL6 has Openswan > EL7 has

Does anyone else noticed problems after updating openswan to openswan-2.6.32-27.2.el6_5.i686 ? In our case a connection to Cisco VPN 3000 Series would no longer work. I can see in the log an ASSERTION FAILED error and the connection would remain in Pending phase 2. Mar 7 16:24:40 firewall pluto[7647]: "ciscovpntest" #2: discarding duplicate packet; already STATE_MAIN_I1 Mar 7

what about something like: http://www.idtnetwork.com/show.aspx?mi=161 http://taolinux.org/?q=node/view/2 http://whiteboxlinux.org/ brigth, blinking... in the very first page...lets try do to as all others are doing... its a pratical approach... not what we think about Red Hat trademark guidelines. Luis. ______________________________ EMPREL, http://www.recife.pe.gov.br

I´ve figured out the following. I am able to sftp from shorewall 2.4.2 left vpn gateway x.x.x.14 (DMZ) to shorewall 2.4.1 fw x.x.x.11 with /etc/shorewall/proxyarp x.x.x.14 eth2 eth0 No very well. That´s not through a tunnel (of course a ssh tunnel, but no vpn) but with public ip x.x.x.14 to x.x.x.11 If I try to sftp through the fw to the public internet I have the same

Centos 5 is still soon end of life. Using it as ipsec gateway is .. Eero 21.3.2016 7.25 ip. "Mike - st257" <silvertip257 at gmail.com> kirjoitti: > On Mon, Mar 21, 2016 at 1:17 PM, Mike - st257 <silvertip257 at gmail.com> > wrote: > > > I second Eero's comment, use a new IPSec daemon. > > > > Openswan was forked and became Libreswan. Paul, now

I looked in the yum repositories for CentOS 7 and I noticed that there are no packages for any of the major open source IPSec VPN apps - Openswan, strongSwan, etc. I'm pretty sure CentOS 6 had Openswan packages. What is the current consensus w.r.t. building an IPSec VPN "server" (concentrator, whatever) on CentOS 7, that will do site-to-site connections with Cisco hardware at

2015-04-14 21:40 GMT+03:00 Florin Andrei <florin at andrei.myip.org>: > On 2015-04-14 11:25, Gordon Messmer wrote: > >> On 04/14/2015 11:07 AM, Florin Andrei wrote: >> >>> I looked in the yum repositories for CentOS 7 and I noticed that there >>> are no packages for any of the major open source IPSec VPN apps - >>> Openswan, strongSwan, etc.

Hello all -- I am trying to get Shorewall, ipsec and RedHat ES version 3 to cooperate. Before posting any specific problems, I thought I''d find out if I have the right stuff to work with. (I''ve gotten ipsec to work flawlessly with Shorewall using RH 8 and 9 kernels, so I have some experience with it. Shorewall 2.0.12 works fine on this ES 3 box, except for the ipsec part)

Err. Sounds like security nightmare. 21.3.2016 7.47 ip. "Glenn Pierce" <glennpierce at gmail.com> kirjoitti: > Will ask my boss :) We are hosted on memset so not so easy to update > > Thanks > > On 21 March 2016 at 17:36, Eero Volotinen <eero.volotinen at iki.fi> wrote: > > Centos 5 is still soon end of life. Using it as ipsec gateway is .. > >

Hi, I want to connect to a Cisco Pix using ipsec. In RH9 I was able to compile openswan 2.4.0 and use it, but in Centos 3.7 I can apply the openswan klips patch. I noted that the centos 3.7 kernel has a ipsec patch from redhat, does this NETKEY patch works with openswan? What ipsec solution do I have in centos 3.7? Should I use another kernel? many thanks Oliver -- Oliver Schulze L.

Hello everybody. I would like to do some kind of shaping inside an ipsec tunnel implemented by Openswan and linux 2.6.18.x with xfrm (no KLIPS): for example, to limit outbound smtp traffic inside the tunnel. Question: where should I attach the qdisc to? Eth0? I''m asking this, because tcpdump only see the ESP packet on the eth0 and not the ''clear'' packet. TIA This is my