Displaying 20 results from an estimated 10000 matches similar to: "multiple tunnelling problem"
2006 Jul 26
1
IPSec tunnel mode, through a IPIP tunnel
Hello Gurus,
I am a small problem with routing and here are the details.
Interfaces on my server:
* ipsec0 - 172.19.58.94
* tunl0 - 172.19.58.94
* eth0 - 172.19.58.94
Now, the problem is that there is another host 172.19.58.200. All
communication to 172.19.58.200 should be through tunl0, and all the data
should be secured using IPSec (tunnel mode - because there are more
machines on my
2017 May 03
2
Multiple default gateway from tinc node
Hi, Guus
I did some test regarding the points you mentioned below, and yes, you’re right, but some of points may need further adjusted:
1. The destination of IPv4 wouldn’t be changed, Yes I agree, that’s the goal and final destination for the communication. But during the path, it may be encapsulated into another packet(tunnel mode), where the outside IP header is the physical address, but the
2005 May 23
3
Betr.: VPN
IF you are not stuck to IPSec, you might want to take a look at OpenVPN (www.openvpn.org). I found OpenVPN easier to install than FreeSWAN (an IPSEC VPN) and have setup an OpenVPN solution between my German office and our mainoffice in a matter of hours.
Thom van der Boon
E-Mail: Thom.van.der.Boon at vdb.nl
=====
Thom.H. van der Boon b.v.
Havens 563
Jan Evertsenweg 2-4
NL-3115 JA Schiedam
2005 Jul 27
2
QoS and IPSec...
Hi, I have what to me is an interesting issue. I am wanting to
prioritize (QoS) traffic that will be passing through an IPSec
(OpenS/WAN) VPN between two (identical) Linux routers. I know that I
can apply the IPSec patches (1-4) to the kernel and IPTables (if they
are not already applied by now) filter traffic before and after IPSec
encapsulation. My problem is that I don''t know
2006 May 31
0
IPSec tunnels and routing: strange behaviour
Hello,
My name is Fermín Galán and I''m currently working with IPSec tunnels.
Recently, I was setting a IPSec tunnelling sample scenario (maybe the
simplest one :), where I observed some strange behaviour that I like to
describe in the list, just in the case somebody knows what can be the cause,
please.
The scenario involves four hosts configured in the following way:
2004 Aug 13
1
ipsec tunnel to netgear fvs318
Hi,
I''m trying to set-up an ipsec tunnel between a Redhat9 box and a Netgear
FVS318.
When trying to initialise the connection - ifup ipsec0 - I get the error:
RTNETLINK answers: Network is unreachable
This would lead me to believe shorewall is blocking ipsec.
My config is below.
The output of ''shorewall status'' is attached.
Any help in pointing out if I''ve
2006 Mar 22
1
FreeBSD Security Advisory FreeBSD-SA-06:11.ipsec
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-06:11.ipsec Security Advisory
The FreeBSD Project
Topic: IPsec replay attack vulnerability
Category: core
Module: sys_netipsec
Announced:
2006 Mar 22
1
FreeBSD Security Advisory FreeBSD-SA-06:11.ipsec
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-06:11.ipsec Security Advisory
The FreeBSD Project
Topic: IPsec replay attack vulnerability
Category: core
Module: sys_netipsec
Announced:
2004 Oct 12
6
Classful Queuing
OK, I''m stumped. I''ve read through most of the LARTC HOWTO and have yet
to find a basis for what I need to accomplish.
I have a Linux box that controls access to and from the Internet at my
workplace. We have a number of remote employees that connect via PPTP
and IPSEC to the office''s internal network. Some of these remote
employees are currently using SIP phones.
2003 Jan 14
1
MULTIPLE IPSEC TUNNELS
I am have a shorewall firewall and freeswan ipsec running on a redhat 8.0
Linux gateway machine. I have one working tunnel defined, all works well. I
am not clear how to define mutiple concurrent tunnels. I can not add further
interface entries as all the tunnels come in on ipsec0, do I still have
mutiple zone definitions? some of the tunnels will be dynamic roadwarriors
and as such would need a
2004 Mar 05
4
Wondershaper breaks IPSec tunnels
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello, been awhile since I''ve written.
I now have a situation where I get to use traffic shaping for a client.
~ We implemented the WonderShaper script on our own firewall and
experienced no problems. I made some modifications to it to add IPSec
protocol packets into the 1:10 high priority class using the u32 filter.
~ So far on our
2003 Oct 30
1
Using racoon-negotiated IPSec with ipfw and natd
[ -netters, please Cc me or security@ with replies. ]
I'm running into trouble integrating dynamic racoon-based IPSec into a network
with ipfw and natd. I need to be able to allow VPN access from any address
from authenticated clients. I've got the dynamic VPN working, with racoon
negotiating SAs and installing SPs, but the problem is that I can't tell
whether an incoming packet on
2006 May 03
5
SNAT on IPSEC tunnel with kernel 2.6/KAME tools?
Hi,
Could not conceive an working set-up for an IPSEC VPN made with racoon/setkey
on which I have one address on my side acting as an SNAT router for all
traffic from my network to a network segment on the far side.
my network --- my gateway ---------------------- remote network
10.0.0.0/24 - 10.0.0.1 (10.253.0.2) -- tunnel - 192.168.0.0/22
All traffic starts on my side, so if I can
2004 Dec 02
8
Correct Shorewall version for RedHat ES3
Hello all --
I am trying to get Shorewall, ipsec and RedHat ES version 3 to cooperate.
Before posting any specific problems, I thought I''d find out if I have the
right stuff to work with. (I''ve gotten ipsec to work flawlessly with
Shorewall using RH 8 and 9 kernels, so I have some experience with it.
Shorewall 2.0.12 works fine on this ES 3 box, except for the ipsec part)
2003 Oct 26
4
linux-xp x509 ipsec connection
hi,
I can''t get a freeswan 2.02 ipsec x509 connection at work
can somebody help me?
*************************************************************************************
global situation
*************************************************************************************
the linux gateway (chivas) is a single machine 192.168.1.250 with a local net 192.168.1.0/24,
a dyn IP via a DSL
2008 Jul 17
1
racoon and ipsec issues
I am attempting to create an ipsec tunnel between two CentOS 5.1
systems, network-to-network with two different 192.168.xxx.0/24
LAN segments. I have gone through the documentation on the
centos web site, and have the machines to the point where the
/var/log/messages show ``IPsec-SA established'' on both machines
after runnig ``ifup ipsec0'' (same ipsec0 on each machine).
IP
2006 Nov 03
5
qos inside ipsec tunnel
Hello everybody.
I would like to do some kind of shaping inside an
ipsec tunnel implemented by Openswan and linux
2.6.18.x with xfrm (no KLIPS): for example, to
limit outbound smtp traffic inside the tunnel.
Question: where should I attach the qdisc to? Eth0?
I''m asking this, because tcpdump only see the ESP
packet on the eth0 and not the ''clear'' packet.
TIA
This is my
2013 Mar 04
6
Centos6 ipsec troubles
Hello,
it looks like the usual way to do ipsec on centos5 won't work anymore on
centos6
I installed ipsec-tools but an interface type IPsec is not recognized by
the kernel
ifup ipsec0
Device does not seem to be present, delaying initialization.
I am not planning to use the awful OpenSwan, I Want to sue the Kame
implementation which was working fine on CentOS5
any hints ?
thank you
2007 Jun 25
4
Using Julian Anastasov''s ''routes'' patches on 2.4 kernel in conjunction with IPSec
Hello,
I use Julian Anastasov ''routes'' (to be more specific: static_routes,
alt_routes and nf_reroute) patches on a 2.4.32 kernel. On the same host I run
IPSec. I have discovered after a few hours of networking problems that,
when IPSec is enabled on that patched kernel, inspecting packets with tcpdump
while arping-ing a host from a network physically connected to this
2005 Feb 02
6
NAT troubles with IPSEC traffic
I just got the list confirmation and noticed it''s text only email so here it
is again in plain text. Below is the oringal message.
Hi all,
I am really struggling with this one, I have built a lot of linux machines
using IPSEC tunnels and shorewall gateways. I decied to build a new test
machine with Debian running 2.4.25 and Shorewall 2.0.15. I have two subnets
on their own switches and