similar to: strange behavior of ipsec tunnel mode

SuSE10.2 Linux Kernel 2.6.18 Patched, Whenever I try to establish a connection raccoon fails giving the following error. Raccoon config ################# remote 67.101.176.*** { exchange_mode main,aggressive; doi ipsec_doi; situation identity_only; my_identifier address; send_cr off; send_cert off; lifetime time 2 min;

hi I''m trying to get ipsec working with x509 certificates however I just can''t seem to. I''ve hit a road block and was wondering if someone could help me figure it out. my racoon.conf (I have it mirrored on the connecting machine. path pre_shared_key "/etc/racoon/psk.txt"; path certificate "/etc/certs"; remote anonymous { exchange_mode

Dear list, I''m running Shorewall on a dedicated Fedora 7 box. Shorewall is working well as an office DSL router (dynamic IP) with loc and dmz zones. I am now trying to configure IPSec to connect a VPS, "casp", with a static IP to both the firewall and to the loc network behind it. The host to host SA works fine. However, pings from "loc" to "casp" can be

Hi all :-) I have a problem with my current configuration of ipsec. I''m using ipsec with kernel 2.6 and racoon. I have two computers linked by wireless cards. The first (192.168.1.1 Zeus) is connected to internet through a DSL modem and the second (192.168.1.2 Memphis) is accessing internet through the first. I want with ipsec to encrypt all datas between the two computers. I can

I've just wrote a lenghty email on Fedora ML as reply to Phillip who seems to be in the same trouble as myself... Found that while searching all mailing list archives and bugzillas I could think off (not really successfully, many people with same problems, no answers other than "works for me" -- glad to hear it works for somebody else, but it would be nice if he/she was a bit

Hi all, I am trying to establish a vpn tunnel between one CentOS5 IPSec server and a roadwarrior client, CentOS5 too. Roadwarrior use ipsec-tools version 0.6.5-8 (that comes with CentOS5) and server uses version 0.7 (downloaded from ipsec-tools website). My server configuration is: path include "/etc/racoon"; path certificate "/etc/racoon/certs"; path pre_shared_key

Buf ... Solved. Problem was that /etc/pam.d/racoon doesn't exists (I found this tip on NetBSD ipsec pages). Simply I have copied /etc/pam.d/passwd to /etc/pam.d/racoon and now all works as expected. Many thanks for your help Ross. Ross S. W. Walker wrote: > > I think it might just use another one like /etc/pam.d/remote > cause I audited the package and it wasn't there.

Hi all, I have two servers ZEUS (MASTER - 192.168.2.11) and POSEIDON (SLAVE - 192.168.2.12) with HeartBeat+DRBD+SAMBA installed ; HeartBeat is controlling SAMBA. I have a big partition which are mirrored /share. I moved all important directory on it. For example: # mv /var/lib/samba /share/cluster/varlibsamba # mv /var/cache/samba /share/cluster/varcachesamba and I make a link for each one: # ln

On Tue, Apr 9, 2013 at 1:22 PM, Bogdan-Andrei Iancu <bogdan at opensips.org>wrote: > ** > Hi Nick, > > The BYE is not properly formed and rejected by script - in the 200 OK of > the INVITE, you can see that your opensips is doing Record-Routing, but the > BYE does not contain the corresponding Route hdr, so SIP routing is > impossible. > > Regards, > >

Hi, the new function ''shorewall show zones'' in 2.2.0-Beta showed a thing which is (in my view) either abug or not documented. If I have a line in /etc/shorewall/hosts which reads work br0:eth0:192.168.2.10,192.168.2.11,192.168.2.12 then "show zones" has the output work br0:eth0:192.168.2.10 br0:192.168.2.11 br0:192.168.2.12 That is, the

Hello Everyone, I have gone through a few really good tutorials from the OpenSIPS site, Asterisk resources etc.. The unanswered question (and final piece of our puzzle) is if it's possible to have a register free environment in an OpenSIPS/Asterisk integration. Most approaches have OpenSIPS relay the UA's REGISTER request to Asterisk which has "host=dynamic" set for the

Hi, I am new to ipsec and trying to connect my bsd server with win 2000. I have succeeded to tunnel using pre-shared key. But regarding certificate , I failed to get success. The following are configuration : racoon.conf path certificate "/usr/local/openssl/certs" ; # "log" specifies logging level. It is followed by either "notify",

Hi, it seems not to be possible to add more than one host at once to a zone. So shorewall add br0:eth0:192.168.2.10,eth0:192.168.2.11 work fails, since "br0:eth0:192.168.2.10,eth0" is interpreted as one interface. --snip -- iptables v1.2.9: interface name `eth0:192.168.2.10,eth0'' must be shorter than IFNAMSIZ (15) Try `iptables -h'' or ''iptables

Hi, My local server is running CentOS 7. The machine has two NICs and is acting as a gateway. For DHCP and DNS, I'm using Dnsmasq. I have a strange little problem with local hostname resolution. Before going into more details, here's my configuration. [root at nestor:~] # ifconfig enp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.0.2 netmask

I've just upgraded to 1.0a3 via a freebsd port, and I've begun to notice odd behaviour from Dovecot. After converting my config file settings over to the new format, everything runs fine for an hour or so, then dovecot stops responding: oot at toejamfootball# telnet localhost 143 Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost.

Hello Everyone, Today we observed asterisk sending two invites for the initial call before the call was established (ie, not re-invites). There were no changes made to the configuration for a very long time, and was kind of confused when seeing this action. Can someone please suggest where to look to remove this behaviour? U 2014/08/12 07:34:20.405029 192.168.2.10:5060 -> 192.168.2.20:5080

Apologies if this is a repeat: I trawled through the archives and couldn't find a reasonable answer, so I'm asking here. I have an Asterisk install connecting from behind a NAT device (DSL modem) to a SIP proxy (in my case, Broadvoice). I have an sjphone softphone on a Windows PC also behind the NAT device that connects to the Asterisk install, and using this setup I've been pretty

https://bugzilla.netfilter.org/show_bug.cgi?id=1203 Bug ID: 1203 Summary: 'DisableExternalCache On' seems to be broken Product: conntrack-tools Version: unspecified Hardware: All OS: Ubuntu Status: NEW Severity: normal Priority: P5 Component: conntrack-daemon Assignee:

. "Saluton", Sorry by my poor english, I speak Portuguese. I does a captive portal using: - shorewall - dhcpd - thttpd (in port 8080) - maradns With Shorewall I use dinamic zones. The initial zone in shorewall is configured to redirects access to internal thttpd port 8080, that shows a login.cgi page. With thttpd I rewrite original url. The apache rewrite is very cool, but thttpd

On 1/26/2016 9:14 AM, Gordon Messmer wrote: > On 01/26/2016 05:37 AM, lejeczek wrote: >> vpn clients with established tunnels can get to VPN server's NICs/IPs >> but cannot get through to the net behind the server. >> Well... they can, but only if on a host (eg. 192.168.2.33) on VPN >> server's net I do: >> >> route add -host 192.168.2.10 gw