Displaying 20 results from an estimated 10000 matches similar to: "IPSec"
2004 Oct 20
11
Shorewall, Freeswan and SuSE 9.1
I have been using shorewall and freeswan successfully for 3 or more
years now. But they have all been using the Linux 2.4 kernel. My current
configuration is (as the title suggests) using SuSE 9.1 which has a
2.6.5 kernel and freeswan 2.0.4 built-in.
After much reading and a lot of trial and error, I did get this
combination to work with Shorewall 2.0.9. It is happily talking to an
older Mandrake
2005 May 23
2
How to setup IPSec tunnel between FreeBSD and Linux systems...?
Hi,
I am trying to setup ipsec tunnel between Freebsd
(host1) and Linux (host2) systems.And I also
interested in executing some ipsec test cases( Like
TAHI conformance test suite) on the same connection.
Please, suggest me some details regarding this setup
and Specify any materials which can be obtained from
from any locations(site)..
I have enabled IPSec support for FreeBSD (4.11
Release) and
2003 Oct 26
4
linux-xp x509 ipsec connection
hi,
I can''t get a freeswan 2.02 ipsec x509 connection at work
can somebody help me?
*************************************************************************************
global situation
*************************************************************************************
the linux gateway (chivas) is a single machine 192.168.1.250 with a local net 192.168.1.0/24,
a dyn IP via a DSL
2013 Mar 04
6
Centos6 ipsec troubles
Hello,
it looks like the usual way to do ipsec on centos5 won't work anymore on
centos6
I installed ipsec-tools but an interface type IPsec is not recognized by
the kernel
ifup ipsec0
Device does not seem to be present, delaying initialization.
I am not planning to use the awful OpenSwan, I Want to sue the Kame
implementation which was working fine on CentOS5
any hints ?
thank you
2006 May 03
5
SNAT on IPSEC tunnel with kernel 2.6/KAME tools?
Hi,
Could not conceive an working set-up for an IPSEC VPN made with racoon/setkey
on which I have one address on my side acting as an SNAT router for all
traffic from my network to a network segment on the far side.
my network --- my gateway ---------------------- remote network
10.0.0.0/24 - 10.0.0.1 (10.253.0.2) -- tunnel - 192.168.0.0/22
All traffic starts on my side, so if I can
2006 Jan 22
1
setting up vpn client on a freebsd workstation
I have the following network:
External Interface External Interface
ccc.ccc.ccc.ccc aaa.aaa.aaa.aaa
| |
--> VPN <--> Internet <--> FreeBSD Client (NATed extip: bbb.bbb.bbb.bbb)
|
FW-1 Protected Net
ddd.ddd.ddd.ddd/24
VPN: ipsec freeswan (UDP encapsulated tunnel)
ccc.ccc.ccc.ccc has port 136/UDP open for
2003 Apr 07
4
BW using CBQ/tc for VPN Ipsec i/f?
Hi all,
I want to allocate bandwidth for ipsec interface using CBQ/tc.
Suppose the conf. file is like this,
DEVICE=ipsec0,10Mbit,1Mbit
RATE=128Kbit
WEIGHT=10Kbit
PRIO=5
RULE=192.128.1.0/24
Does it work
or
What else options need to be taken care like ipsec packets/protocol/port
# etc.?
C''d anybody suggest please?
regds,
Srikanth.
_______________________________________________
LARTC
2003 Aug 01
2
FTP
Hello,
I usualy permit TCP traffic on ports from 1025 to 65535 of the servers
that I need to permit FTP access.
Is there a more secure way to permit FTP access instead of to
permit such ports?
I have a FreeBSD gateway/router on a building with these ports
open and I?m having some problems with users using softwares
like Kasaa and eMule.
Any help would be appreciated.
Thank?s
Ronan
2007 May 04
1
Multiple SA in the same IPSec tunnel
Hi,
When a IPSec tunnel is established between two peers, I understand that the
"normal" situation is to have in a given moment two SAs, one for each
direction of the tunnel.
However, in one of my tunnels (peer P1 running GNU/Linux with setkey and
racoon; peer P2 is a Cisco router) there is a large number (around 19) of
SAs established (this has been observed in P1 with
2006 Aug 21
3
Connecting CentOS to IPSEC VPN (Checkpoint FW1)
Hi,
Does anyone have experience using IPSEC on CentOS in order to connect to
vendor IPSEC-based VPN products (specifically Checkpoint FW1) ?
Is the included IPSEC implementation sufficient, or do people have to rely
on OpenSWAN or FreeSWAN ? I'd be testing tomorrow and I'm interested with
experiences others have had and things to look out for.
Thanks in advance,
-- dag wieers, dag
2003 Jan 08
1
IPSec pass through
I''m getting insane here. I''m running shorewall 1.3.11 with iptables
1.2.5 and freeswan 1.97 on a 2.4.18-8 kernel aka MNF. The setup is a
followed:
Lan (192.168.1.x) - FW (eth1 192.168.1.254 - eth0 64.x.y.71) - router
64.x.y.65 (which is default GW on eth0) -internet - 161.a.b.c (FW-1)
So a windows client with checkpoint tries to connect to a vpn-1 server
on the internet. The
2006 Feb 06
6
(no subject)
We had a running ipsec shorewall system to all of our remote offices. We
added a dmz to the firewall and implemented proxy arp for that dmz. We have
checked everything two or three times and cannot figure out why the vpns
will no longer come up.
We are using shorewall version 2.2.3 from the debian stable sarge
distribution. We noticed the errata that for 2.0.0 there was a problem with
proxy
2005 May 17
4
HOW TO Enable IPSec for FreeBSD.......???
Hi,
I have tried to enable IPSec support for my
FreeBSD( 4.11-RELEASE) system.
First, I copied the generic kernel configuration file
to a file I called MYKERNEL:
#cp /usr/src/sys/i386/conf/GENERIC
/usr/src/sys/i386/conf/MYKERNEL
Then, I added the following three lines to the options
section of /usr/src/sys/i386/conf/MYKERNEL:
options IPSEC
options IPSEC_ESP
options
2004 Jan 13
3
IPSEC btwn stable and Linksys BEFVP41 stopped working.
Hi,
I have been using IPsec to communicate between a laptop that tracks
-stable and a Linksys BEFVP41 router.
I only use it infrequently, but it's been working great. My setup is
as described in http://grapeape.alerce.com/linksys-ipsec/article.html
(which I am planning to submit to the handbook when it's done).
I'm no longer able to make an ipsec connection, and I can't put my
2004 Sep 22
3
2.6 kernel ipsec and shorewall
I set up an ipsec/racoon vpn tunnel test environment. The gateway machines
are 192.168.0.30 and 192.168.0.31 on the external adaptor and 10.0.1.1 and
10.0.2.1 internally. The test workstations are 10.0.1.10 and 10.0.2.10.
The tunnel seems to be working as in 10.0.1.10 can talk to 10.0.2.10 an vice
versa and they can both use the net via NAT, however 192.168.0.30 and
192.168.0.31 cannot directly
2004 Aug 02
4
IPSEC Tunnel Hub
Hi ,
I have setup site-to-site IPSEC tunnel using Freeswan and Shorewall. I
have 3 sites, One central site called site-A,
and 2 remote sites called site-B and site-C.
Now site-A can communicate with site-B and site-C repectively.
I want to enable site-B talk to site-C using Tunnel hub configuration.
I have enabled the shorewall policy on site-A server so that site-B can
talk site-C, but it
2003 Aug 07
1
IPSec delays
I've been using IPSec and racoon alot lately creating tunnels between FreeBSD machines. Everything works as it should once I've got it running. I do however seem to get delays when one, or both ends of the tunnel drop or are rebooted. On reboot, once the machine starts racoon, it takes two or three minutes for the tunnel to come back up. If I stop and restart racoon, it takes only 60
2005 May 23
3
Betr.: VPN
IF you are not stuck to IPSec, you might want to take a look at OpenVPN (www.openvpn.org). I found OpenVPN easier to install than FreeSWAN (an IPSEC VPN) and have setup an OpenVPN solution between my German office and our mainoffice in a matter of hours.
Thom van der Boon
E-Mail: Thom.van.der.Boon at vdb.nl
=====
Thom.H. van der Boon b.v.
Havens 563
Jan Evertsenweg 2-4
NL-3115 JA Schiedam
2005 Aug 02
2
probes on udp port 500
Last couple of days some of my hosts were probed for UDP port 500 (IKE daemon,
used by IPSec for key exchange) from dialup IPs. Don't remember seeing similar
probes before. Some new vaulnerability that script kiddies (and pro crackers)
are trying out, or is this some old stuff? I do remember there were some
security problems with racoon in the past (that were fixed in current CentOS
2006 May 06
1
IPsec with racoon2
Hi,
I'm trying to get IPsec running between 2 FreeBSD (VMware) boxes, using racoon2.
spmd and iked start up okay, but I get an error when I try a ping across the tunnel.
/var/log/messages shows:
May 5 13:52:36 biosa-vm4 iked: [INTERNAL_ERR]: if_spmd.c:726: SLID failed: 550 Operation failed
May 5 13:52:36 biosa-vm4 iked: [INTERNAL_ERR]: isakmp.c:647:isakmp_initiate_cont(): 0:172.20.36.55[0]