Displaying 20 results from an estimated 6000 matches similar to: "Re: interesting expert problem - shaping over VPN"
2004 Sep 17
2
interesting expert problem - shaping over VPN
Here''s a challenging problem for you experts to tackle:
I''m trying to shape traffic going into an IPSEC interface which then goes
over a DSL PPPoE interface. I figure I need to shape the DSL interface to
keep it''s hardware queue mostly empty, and to
2006 Aug 21
0
[Fwd: Re: Connecting CentOS to IPSEC VPN (Checkpoint FW1)]
Sorry Dag,
it is possible to use linux as a roadwarrior client:
http://www.fw-1.de/aerasec/ng/vpn-racoon/CP-VPN1-NG-Linux-racoon-roadwarrior.html
-------- Original Message --------
Subject: Re: [CentOS] Connecting CentOS to IPSEC VPN (Checkpoint FW1)
Date: Mon, 21 Aug 2006 15:20:55 +0200
From: carlopmart <carlopmart at gmail.com>
To: CentOS mailing list <centos at centos.org>
2005 Jul 07
1
HELP PLEASE BITTORRENT SHAPING (HTB)
Ok, earlier I post a message explaining my problem with HTB and layer7 (or
ipp2p), about not being able to shape the traffic. Well, actually this is
what''s happening, I''m marking the packets (right now, I''m using ipp2p as
Klaus adviced me to) with iptables, and my queue rules are made using tcng,
I''m using the HTB qdisc, and traffic is going to the HTB class
2004 May 07
0
Re: LARTC digest, Vol 1 #1714 - 5 msgs
Hi
I''m looking for a quick recipe for a newbie to control http traffic in
my linux gw. My internet is overloaded already and vpn external clients
are experiencing troubles (disconnecting in peak hours).
Any suggestions ?
Regards
Guillermo
Caracas/Venezuela
On Thu, 2004-05-06 at 14:40, lartc-request@mailman.ds9a.nl wrote:
> Send LARTC mailing list submissions to
>
2006 Jan 22
1
setting up vpn client on a freebsd workstation
I have the following network:
External Interface External Interface
ccc.ccc.ccc.ccc aaa.aaa.aaa.aaa
| |
--> VPN <--> Internet <--> FreeBSD Client (NATed extip: bbb.bbb.bbb.bbb)
|
FW-1 Protected Net
ddd.ddd.ddd.ddd/24
VPN: ipsec freeswan (UDP encapsulated tunnel)
ccc.ccc.ccc.ccc has port 136/UDP open for
2005 Jul 12
0
PLEASE HELP! SHAPING P2P STILL NOT WORKING
Hello, some days ago, I was asking for help here about not able to do anything
when I had bittorrent running, I will post the problem here:
I''m using ipp2p to mark p2p packets, and then send them with -j CLASSIFY to
the correct HTB class, I see traffic in the class when I start azurerus, and
traffic does get shaped, but then I''m still not able to surf the web nor chat
nor
2004 Sep 03
3
traffic queueing and ipsec vpn
Hi all, ive been reading lartc howto, im new about traffic shaping/police.
As far as red (chapter 9 complete) i saw that first the packet passes at the
ingress qdisc, then it passes to the ip stack if the packet is directed to
the box or its forwarded (is my case), then it falls to the egress
classifier/s.
Now, i understand if i have an ipsec vpn at the outside interface, the
egress
2004 May 05
1
Re: [Fwd: Re: Simple HTB setup with tcng]
Thank you for your help.
It generates this script :
tc qdisc add dev eth0 handle 1:0 root htb default 2
tc class add dev eth0 parent 1:0 classid 1:1 htb rate 75000bps ceil \
75000bps
tc class add dev eth0 parent 1:0 classid 1:2 htb rate 125000bps
tc filter add dev eth0 parent 1:0 protocol all prio 1 u32 match u32 \
0xa000001 0xffffffff at 12 classid 1:1
But I thought it was necessary to
2006 Aug 21
3
Connecting CentOS to IPSEC VPN (Checkpoint FW1)
Hi,
Does anyone have experience using IPSEC on CentOS in order to connect to
vendor IPSEC-based VPN products (specifically Checkpoint FW1) ?
Is the included IPSEC implementation sufficient, or do people have to rely
on OpenSWAN or FreeSWAN ? I'd be testing tomorrow and I'm interested with
experiences others have had and things to look out for.
Thanks in advance,
-- dag wieers, dag
2005 Dec 23
0
tcng example on using ingress without IMQ
hi all.
i really need help.
i need a working example on shaping the ingress per user using tcng
without IMQon a mechine which has two interfaces, and acts like a
firewall, and NAT for intrenet connection sharing:
eth0 is the external facing the Internet.
eth1 is the internal towards my LAN/office network.
Please i dont want other than tcng code. iptables code i read on some
pages seems
2004 Sep 24
2
strange behavior of ipsec tunnel mode
hello
i am trying to set up ipsec in my network, for now just between two hosts, using to use AH & ESP
in tunnel mode to get all of packet encrypted. keys are negotiated with racoon.
mayby using tunnel mode in this case can seems strange, but i know what i am doing.
after setting up everything i have done few tests with ping & tcpdump. but the results are very suprising.
bellow is what i
2004 Mar 24
1
is dynamic traffic shaping possible by tcng?
I am working on traffic shaping using the nextenso proxy platform(a product of
alcatel)on linux platform, I wish to do dynamic traffic shaping means on a
fly,
is that possible with TCNG??
With Warm Regards,
Aruna Baghel
"Gratitude can transform common days into thanksgivings, turn routine jobs
into
joy, and change ordinary opportunities into blessings."
2016 Mar 21
0
IPSec multiple VPN setups
On Mon, Mar 21, 2016 at 1:17 PM, Mike - st257 <silvertip257 at gmail.com>
wrote:
> I second Eero's comment, use a new IPSec daemon.
>
> Openswan was forked and became Libreswan. Paul, now a RH employee, was a
> main developer for the Openswan project before he and others created the
> Libreswan fork.
> https://libreswan.org/
>
> EL6 has Openswan
> EL7 has
2016 Mar 21
0
IPSec multiple VPN setups
Will ask my boss :) We are hosted on memset so not so easy to update
Thanks
On 21 March 2016 at 17:36, Eero Volotinen <eero.volotinen at iki.fi> wrote:
> Centos 5 is still soon end of life. Using it as ipsec gateway is ..
>
> Eero
> 21.3.2016 7.25 ip. "Mike - st257" <silvertip257 at gmail.com> kirjoitti:
>
>> On Mon, Mar 21, 2016 at 1:17 PM, Mike -
2016 Mar 21
0
IPSec multiple VPN setups
To be fair its not highly sensitive info we are dealing with.
-----Original Message-----
From: "Eero Volotinen" <eero.volotinen at iki.fi>
Sent: ?21/?03/?2016 17:51
To: "CentOS mailing list" <centos at centos.org>
Subject: Re: [CentOS] IPSec multiple VPN setups
Err. Sounds like security nightmare.
21.3.2016 7.47 ip. "Glenn Pierce" <glennpierce at
2016 Mar 21
2
IPSec multiple VPN setups
Hi I hope someone can answer something I'm sure is quite basic.
I am following the instructions at
https://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-vpn.html
On setting up a VPN
The part I am having trouble with is when it show the
/etc/racoon/racoon.conf file.
But it doesn't say whay you have to do with this file.
When I bring up my connection
ifup bicester
I get
RTNETLINK
2016 Mar 21
0
IPSec multiple VPN setups
Yes you can. Please use newer version of centos and strong/openswan.
Eero
21.3.2016 7.05 ip. "Glenn Pierce" <glennpierce at gmail.com> kirjoitti:
> Hi I hope someone can answer something I'm sure is quite basic.
>
> I am following the instructions at
> https://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-vpn.html
> On setting up a VPN
>
> The part
2004 Aug 05
6
TC-ng questions/problems
Hi all,
We have 2 class C networks that are connected by a Linux router with the internet. We want to apply traffic control (bandwidth control). For that we wrote the tcc script below. We have 2 problems:
1. To establish a 2 megagit download we must actually set the value to 2500kbps. Is there a possible reason for that?
2. If we enable the WAN device we get very hight ping times (they change
2016 Mar 21
3
IPSec multiple VPN setups
Centos 5 is still soon end of life. Using it as ipsec gateway is ..
Eero
21.3.2016 7.25 ip. "Mike - st257" <silvertip257 at gmail.com> kirjoitti:
> On Mon, Mar 21, 2016 at 1:17 PM, Mike - st257 <silvertip257 at gmail.com>
> wrote:
>
> > I second Eero's comment, use a new IPSec daemon.
> >
> > Openswan was forked and became Libreswan. Paul, now
2006 May 03
5
SNAT on IPSEC tunnel with kernel 2.6/KAME tools?
Hi,
Could not conceive an working set-up for an IPSEC VPN made with racoon/setkey
on which I have one address on my side acting as an SNAT router for all
traffic from my network to a network segment on the far side.
my network --- my gateway ---------------------- remote network
10.0.0.0/24 - 10.0.0.1 (10.253.0.2) -- tunnel - 192.168.0.0/22
All traffic starts on my side, so if I can