Displaying 20 results from an estimated 300 matches similar to: "strange behavior of ipsec tunnel mode"
2007 Mar 22
0
Racoon ERROR: Invalid CR type 0
SuSE10.2
Linux Kernel 2.6.18 Patched,
Whenever I try to establish a connection raccoon fails giving the
following error.
Raccoon config #################
remote 67.101.176.***
{
exchange_mode main,aggressive;
doi ipsec_doi;
situation identity_only;
my_identifier address;
send_cr off;
send_cert off;
lifetime time 2 min;
2007 Feb 03
0
ipsec and x509 certificate
hi I''m trying to get ipsec working with x509 certificates however I
just can''t seem to. I''ve hit a road block and was wondering if someone
could help me figure it out. my racoon.conf (I have it mirrored on the
connecting machine.
path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/certs";
remote anonymous
{
exchange_mode
2007 Sep 03
3
Shorewall + IPSec: help debugging why gw1<->gw2 SA works, but loc<->gw2 traffic doesn't trigger SA
Dear list,
I''m running Shorewall on a dedicated Fedora 7 box. Shorewall is working
well as an office DSL router (dynamic IP) with loc and dmz zones. I am now
trying to configure IPSec to connect a VPS, "casp", with a static IP to both
the firewall and to the loc network behind it. The host to host SA works
fine. However, pings from "loc" to "casp" can be
2004 Sep 04
0
Ipsec and kernel 2.6.8
Hi all :-)
I have a problem with my current configuration of ipsec. I''m using ipsec with
kernel 2.6 and racoon. I have two computers linked by wireless cards. The first
(192.168.1.1 Zeus) is connected to internet through a DSL modem and the second
(192.168.1.2 Memphis) is accessing internet through the first. I want with
ipsec to encrypt all datas between the two computers.
I can
2005 May 12
1
Has anybody managed to get native IPSec working?
I've just wrote a lenghty email on Fedora ML as reply to Phillip who
seems to be in the same trouble as myself... Found that while searching
all mailing list archives and bugzillas I could think off (not really
successfully, many people with same problems, no answers other than
"works for me" -- glad to hear it works for somebody else, but it would
be nice if he/she was a bit
2007 Oct 12
0
OT: a very big problem with ipsec-tools on CentOS5
Hi all,
I am trying to establish a vpn tunnel between one CentOS5 IPSec server and a
roadwarrior client, CentOS5 too. Roadwarrior use ipsec-tools version 0.6.5-8
(that comes with CentOS5) and server uses version 0.7 (downloaded from
ipsec-tools website).
My server configuration is:
path include "/etc/racoon";
path certificate "/etc/racoon/certs";
path pre_shared_key
2007 Oct 12
1
OT: a very big problem with ipsec-tools on CentOS5 (SOLVED)
Buf ... Solved. Problem was that /etc/pam.d/racoon doesn't exists (I found this
tip on NetBSD ipsec pages). Simply I have copied /etc/pam.d/passwd to
/etc/pam.d/racoon and now all works as expected.
Many thanks for your help Ross.
Ross S. W. Walker wrote:
>
> I think it might just use another one like /etc/pam.d/remote
> cause I audited the package and it wasn't there.
2006 Mar 21
1
Problem with SAMBA+HEARTBEAT
Hi all,
I have two servers ZEUS (MASTER - 192.168.2.11) and POSEIDON (SLAVE - 192.168.2.12) with HeartBeat+DRBD+SAMBA installed ; HeartBeat is controlling SAMBA.
I have a big partition which are mirrored /share.
I moved all important directory on it. For example:
# mv /var/lib/samba /share/cluster/varlibsamba
# mv /var/cache/samba /share/cluster/varcachesamba
and I make a link for each one:
# ln
2013 Apr 09
1
[OpenSIPS-Users] 404 When BYE initiated by external callee
On Tue, Apr 9, 2013 at 1:22 PM, Bogdan-Andrei Iancu <bogdan at opensips.org>wrote:
> **
> Hi Nick,
>
> The BYE is not properly formed and rejected by script - in the 200 OK of
> the INVITE, you can see that your opensips is doing Record-Routing, but the
> BYE does not contain the corresponding Route hdr, so SIP routing is
> impossible.
>
> Regards,
>
>
2004 Dec 05
2
host list in /etc/shorewall/hosts: interface ignored
Hi,
the new function ''shorewall show zones'' in 2.2.0-Beta showed a thing
which is (in my view) either abug or not documented.
If I have a line in /etc/shorewall/hosts which reads
work br0:eth0:192.168.2.10,192.168.2.11,192.168.2.12
then "show zones" has the output
work
br0:eth0:192.168.2.10
br0:192.168.2.11
br0:192.168.2.12
That is, the
2013 Mar 10
1
Register Free Opensips/Asterisk Integration
Hello Everyone,
I have gone through a few really good tutorials from the OpenSIPS
site, Asterisk resources etc.. The unanswered question (and final
piece of our puzzle) is if it's possible to have a register free
environment in an OpenSIPS/Asterisk integration. Most approaches have
OpenSIPS relay the UA's REGISTER request to Asterisk which has
"host=dynamic" set for the
2007 Nov 15
2
IPSEC help
Hi,
I am new to ipsec and trying to connect my bsd server with win 2000. I have succeeded to tunnel using pre-shared key. But regarding certificate , I failed to get success.
The following are configuration :
racoon.conf
path certificate "/usr/local/openssl/certs" ;
# "log" specifies logging level. It is followed by either "notify",
2004 Dec 05
13
Adding dynamically more than one host at once?
Hi,
it seems not to be possible to add more than one host at once to a zone.
So
shorewall add br0:eth0:192.168.2.10,eth0:192.168.2.11 work
fails, since "br0:eth0:192.168.2.10,eth0" is interpreted as one interface.
--snip --
iptables v1.2.9: interface name `eth0:192.168.2.10,eth0'' must be shorter
than IFNAMSIZ (15)
Try `iptables -h'' or ''iptables
2019 Jan 02
2
Erratic local hostname resolution with Dnsmasq
Hi,
My local server is running CentOS 7. The machine has two NICs and is
acting as a gateway. For DHCP and DNS, I'm using Dnsmasq. I have a
strange little problem with local hostname resolution. Before going into
more details, here's my configuration.
[root at nestor:~] # ifconfig
enp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.2 netmask
2005 Oct 14
1
DoveCot 1.0a3 hangs at login
I've just upgraded to 1.0a3 via a freebsd port, and I've begun to
notice odd behaviour from Dovecot. After converting my config file
settings over to the new format, everything runs fine for an hour or
so, then dovecot stops responding:
oot at toejamfootball# telnet localhost 143
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
2014 Aug 12
1
Asterisk seding 2 INVITEs all of a sudden
Hello Everyone,
Today we observed asterisk sending two invites for the initial call before
the call was established (ie, not re-invites). There were no changes made
to the configuration for a very long time, and was kind of confused when
seeing this action. Can someone please suggest where to look to remove
this behaviour?
U 2014/08/12 07:34:20.405029 192.168.2.10:5060 -> 192.168.2.20:5080
2008 May 22
0
SIP configuration issues
Apologies if this is a repeat: I trawled through the archives and couldn't
find a reasonable answer, so I'm asking here. I have an Asterisk install
connecting from behind a NAT device (DSL modem) to a SIP proxy (in my case,
Broadvoice). I have an sjphone softphone on a Windows PC also behind the NAT
device that connects to the Asterisk install, and using this setup I've been
pretty
2017 Nov 28
3
[Bug 1203] New: 'DisableExternalCache On' seems to be broken
https://bugzilla.netfilter.org/show_bug.cgi?id=1203
Bug ID: 1203
Summary: 'DisableExternalCache On' seems to be broken
Product: conntrack-tools
Version: unspecified
Hardware: All
OS: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: conntrack-daemon
Assignee:
2008 Apr 09
2
Captive Portal with Shorewall
.
"Saluton",
Sorry by my poor english, I speak Portuguese.
I does a captive portal using:
- shorewall
- dhcpd
- thttpd (in port 8080)
- maradns
With Shorewall I use dinamic zones.
The initial zone in shorewall is
configured to redirects access to
internal thttpd port 8080, that
shows a login.cgi page.
With thttpd I rewrite original url.
The apache rewrite is very cool, but
thttpd
2016 Jan 26
2
vpn - xl2tpd and routing to a net?
On 1/26/2016 9:14 AM, Gordon Messmer wrote:
> On 01/26/2016 05:37 AM, lejeczek wrote:
>> vpn clients with established tunnels can get to VPN server's NICs/IPs
>> but cannot get through to the net behind the server.
>> Well... they can, but only if on a host (eg. 192.168.2.33) on VPN
>> server's net I do:
>>
>> route add -host 192.168.2.10 gw