similar to: Centos6 ipsec troubles

Displaying 20 results from an estimated 2000 matches similar to: "Centos6 ipsec troubles"

2005 May 04
4
OpenSwan traffic shaping with HTB & sfq
Hi All, I''ve got an interoffice IPSEC VPN in place that I''m trying to give priority to terminal service (tcp 3389) traffic. I''ve created rules at each end, but have hit a bit of a dillemma. As the data is encrypted I must also give highest priority to protocol 50 otherwise the priority is lost as the packet gets encrypted. When I do this however, I can''t
2016 Mar 21
5
IPSec multiple VPN setups
I second Eero's comment, use a new IPSec daemon. Openswan was forked and became Libreswan. Paul, now a RH employee, was a main developer for the Openswan project before he and others created the Libreswan fork. https://libreswan.org/ EL6 has Openswan EL7 has Libreswan Racoon isn't all that fun to work with. If you have the option, ditch it and EL5 and move to a newer platform
2016 Mar 21
3
IPSec multiple VPN setups
Centos 5 is still soon end of life. Using it as ipsec gateway is .. Eero 21.3.2016 7.25 ip. "Mike - st257" <silvertip257 at gmail.com> kirjoitti: > On Mon, Mar 21, 2016 at 1:17 PM, Mike - st257 <silvertip257 at gmail.com> > wrote: > > > I second Eero's comment, use a new IPSec daemon. > > > > Openswan was forked and became Libreswan. Paul, now
2016 Mar 21
2
IPSec multiple VPN setups
Err. Sounds like security nightmare. 21.3.2016 7.47 ip. "Glenn Pierce" <glennpierce at gmail.com> kirjoitti: > Will ask my boss :) We are hosted on memset so not so easy to update > > Thanks > > On 21 March 2016 at 17:36, Eero Volotinen <eero.volotinen at iki.fi> wrote: > > Centos 5 is still soon end of life. Using it as ipsec gateway is .. > >
2014 Feb 05
1
yum update tries and fails to install libreswan
On 6.5, I've got openswan installed, but yum update is wanting to install libreswan. If libreswan is intended to replace openswan, wouldn't the appropriate yum transactions have been created to remove opnswan first? I'm stumped. Advice appreciated. Fred -- ------------------------------------------------------------------------------- Under no circumstances will I ever purchase
2016 Mar 21
2
IPSec multiple VPN setups
Hi I hope someone can answer something I'm sure is quite basic. I am following the instructions at https://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-vpn.html On setting up a VPN The part I am having trouble with is when it show the /etc/racoon/racoon.conf file. But it doesn't say whay you have to do with this file. When I bring up my connection ifup bicester I get RTNETLINK
2015 Apr 14
3
state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
I looked in the yum repositories for CentOS 7 and I noticed that there are no packages for any of the major open source IPSec VPN apps - Openswan, strongSwan, etc. I'm pretty sure CentOS 6 had Openswan packages. What is the current consensus w.r.t. building an IPSec VPN "server" (concentrator, whatever) on CentOS 7, that will do site-to-site connections with Cisco hardware at
2015 Apr 14
2
state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
On 2015-04-14 11:25, Gordon Messmer wrote: > On 04/14/2015 11:07 AM, Florin Andrei wrote: >> I looked in the yum repositories for CentOS 7 and I noticed that there >> are no packages for any of the major open source IPSec VPN apps - >> Openswan, strongSwan, etc. I'm pretty sure CentOS 6 had Openswan >> packages. > > libreswan replaced openswan, and is
2013 Feb 01
2
Centos as l2tp/ipsec-Client
Hello, i need to configure a centos 6.3 - server as an l2tp/ipsec-client. I have no idea how I there previous or if this is even possible. Where one might find appropriate instructions? Google is not very helpful, without any idea. Thanks cami
2016 Feb 17
2
Openswan <-> VyOS
Hello, I'm having a bit of trouble connecting our current CentOS Openswan server with a Vyos server via IPSec. I've posted this on the VyOS forums, but haven't had many helpful responses, so I thought I would ask here. http://forum.vyos.net/showthread.php?tid=26504&pid=29703#pid29703 Basically our Openswan configuration is as follows: conn VYOS keyingtries=0
2009 Aug 12
6
Shorewall (Openswan) IPSEC VPN MASQ Problem
Hi, I have setup a IPSEC VPN using Openswan to connect a Draytek router to a CentOS 5.2/Shorewall 4.2.9 firewall. The VPN establishes OK but I''m getting a problem with packets from the left hand subnet getting masqueraded rather than routed down the IPSEC VPN as though they were going out onto the net. I''ve spent the last day searching Google and so far I''ve hit a
2016 Jun 21
3
Package NetworkManager-libreswan-0.9.8.0-5.el7.x86_64.rpm is not signed
How to inst that Network manager please ================ Worthy agent of Light ================ Jules Irenge MSc Student University of Liverpool
2005 May 27
1
Still VPN
Hi, still trying to understand one thing. I would definitely like to tell iptables to accept all packets coming from remote vpn only if they hit the $VIRTUALVPNINTERFACE. I tried -o ipsec0 but this is not working, looks like ipsec0 device doesn't exist or it is not recognized. I red on the Openswan users list, that Linux kernel 2.6 native ipsec don't create ipsec* interface (if I am
2005 May 23
2
VPN
Hi list, I am trying to create a VPN between two different locations. On the first location we have a cisco pix 525 Natting the internal 192.168.100.x network, while on the second location we have a Centos3 box Natting via iptables the internal 192.168.10.x netowrk. My goal is to connect this 2 over the internet via IPsec. I created the IPsec Net2Net via the network configuration graphic
2015 Apr 14
1
state of IPSec VPN on CentOS 7: Openswan, strongSwan, RPM packages
On 2015-04-14 11:44, Eero Volotinen wrote: > 2015-04-14 21:40 GMT+03:00 Florin Andrei <florin at andrei.myip.org>: >> >> http://serverfault.com/a/655752/24406 >> >> If that is accurate, the documentation, and the clustering / load >> balancing might tilt the balance in the direction of strongSwan. >> >> > Well, both packages can do ipsec to
2004 Dec 02
8
Correct Shorewall version for RedHat ES3
Hello all -- I am trying to get Shorewall, ipsec and RedHat ES version 3 to cooperate. Before posting any specific problems, I thought I''d find out if I have the right stuff to work with. (I''ve gotten ipsec to work flawlessly with Shorewall using RH 8 and 9 kernels, so I have some experience with it. Shorewall 2.0.12 works fine on this ES 3 box, except for the ipsec part)
2007 Jun 25
4
Using Julian Anastasov''s ''routes'' patches on 2.4 kernel in conjunction with IPSec
Hello, I use Julian Anastasov ''routes'' (to be more specific: static_routes, alt_routes and nf_reroute) patches on a 2.4.32 kernel. On the same host I run IPSec. I have discovered after a few hours of networking problems that, when IPSec is enabled on that patched kernel, inspecting packets with tcpdump while arping-ing a host from a network physically connected to this
2011 Apr 11
2
KVM problem after update to 5.6
Hello, after updating to Cents 5.6 and so to kvm-83-224 my KVM virtual machines qemu qcow2 based images do not start anymore. Looking at VM console the error message is that VM media is not bootable. Going back to previous KVM version kvm-83-164 from Centos 5.5 they works again. What's wrong with qemu images ? anyone has an idea on how to fix the problem ? thanks Rick
2012 Jan 22
2
Centso 6.2 bug ?
Hello, is anyone experiencing this ? I have a sympa process (bulk.pl) which triggers this bug: ------------[ cut here ]------------ WARNING: at kernel/sched.c:5914 thread_return+0x232/0x79d() (Not tainted) Hardware name: X8DTU-LN4+ Modules linked in: cpufreq_ondemand acpi_cpufreq freq_table mperf ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 xt_state nf_conntrack ip6table_filter ip6_tables ipv6
2006 May 03
5
SNAT on IPSEC tunnel with kernel 2.6/KAME tools?
Hi, Could not conceive an working set-up for an IPSEC VPN made with racoon/setkey on which I have one address on my side acting as an SNAT router for all traffic from my network to a network segment on the far side. my network --- my gateway ---------------------- remote network 10.0.0.0/24 - 10.0.0.1 (10.253.0.2) -- tunnel - 192.168.0.0/22 All traffic starts on my side, so if I can