Displaying 20 results from an estimated 7000 matches similar to: "Dynamic Zones"
2002 Sep 29
7
[Fwd: Building custom _updown script for freeswan to make it talk with shorewall]
Tuomo Soini wrote:
> You don''t happen to read shorewall-devel mailinglist ?
I read it -- I just didn''t know what to make of your post and it arrived
while I was on vacation.
What exactly are you trying to accomplish that Shorewall isn''t doing for
you now?
e.g.
/etc/shorewall/zones
rw Roadwarriors Road Warriors
/etc/shorewall/interfraces
rw ipsec+
2003 Jan 09
2
AW: How do I configure 2 static net2net VPNs ov er one interface ipsec0?
Hi,
Problem:
I want 2 vpn tunnels for 2 subnets over one interface ipsec0.
Documentation only describes config for 1 vpn or road warriors.
I defined 2 vpn zones ''fre'' and ''swe''.
#ZONE DISPLAY COMMENTS
net Net Internet zone
loc Local Local
fre VPN_Fre VPN Fre
swe VPN_Swe VPN Swe
Interface ipsec0 is tunnel over eth1. Local is eth0.
ipsec0 serves 2 zones: fre
2013 Jul 02
2
multiple VPN zones
Hi,
I had a look at this page which describes a single VPN zone called "vpn":
http://www.shorewall.net/IPSEC-2.6.html
Is this the most current information? It is the top page found by
Google for "shorewall ipsec"
Is there any information about setting up multiple VPN zones for
different classes of road warrior? E.g. lets say there are two classes
of road warrior:
2002 Sep 21
0
Building custom _updown script for freeswan to make it talk with shorewall
I have a plan to make freeswan and shorewall talk to each other.
Shorewall doesn''t currently have proper handles to make ipsec and
firewall work properly together and I''m planning on building a custom
_updown script for freeswan to make it communicate with shorewall.
How can I make shorewall work properly with different road warriors with
different dynamic ip-addresses and
2004 Feb 26
4
Help! Martians invading through IPSec. :-)
[ sorry for cross-posting this to newbies and users, but I''m a bit
desperate to get this resolved ]
This is strange... I had this working before without any problems, and
recently we started to have some odd issues. I can''t be sure exactly
what has changed as I''m unfortunately not the only person with access
to the server. {sigh}
The problem is that I pretty much
2003 Jul 03
0
IPSEC, multiple subnets and multiple road warriors, oh my! :)
Hi all,
I''ve been using Shorewall 1.42 for a month on two firewalls at work and
my own personal colocated server and love it. While pretty familiar
with iptables, I don''t like dealing with it on a daily basis, and
Shorewall certainly makes life easier. I''ve deployed Shorewall on both
our Toronto and Ottawa office firewalls, and have configured a
FreeS/WAN IPSEC
2003 Jan 14
1
MULTIPLE IPSEC TUNNELS
I am have a shorewall firewall and freeswan ipsec running on a redhat 8.0
Linux gateway machine. I have one working tunnel defined, all works well. I
am not clear how to define mutiple concurrent tunnels. I can not add further
interface entries as all the tunnels come in on ipsec0, do I still have
mutiple zone definitions? some of the tunnels will be dynamic roadwarriors
and as such would need a
2017 Oct 11
1
[PATCH v1 01/27] x86/crypto: Adapt assembly for PIE support
Change the assembly code to use only relative references of symbols for the
kernel to be PIE compatible.
Position Independent Executable (PIE) support will allow to extended the
KASLR randomization range below the -2G memory limit.
Signed-off-by: Thomas Garnier <thgarnie at google.com>
---
arch/x86/crypto/aes-x86_64-asm_64.S | 45 ++++++++-----
arch/x86/crypto/aesni-intel_asm.S
2009 Apr 11
2
Labeling points on plot on relative warp scores?
Hi there,
I am plotting relative warp scores (equivalent to pca scores) and I want to
label (color code and shape) the points by group. I can't figure out how to
do this beyond simple plotting.
plot(RW1, RW2);
Do I need to make vectors of each group and then plot them separately onto
the same plot? How do I go about this?
Thanks!
--
View this message in context:
2004 Aug 28
0
Shorewall 2.1.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In this release:
1) Dynamic Ipsec Zones now work.
2) Output Traffic Accounting by user/group is supported (thanks to
Tuomas Jormola).
3) The following negative test options are added in /etc/shorewall/ipsec
and /etc/shorewall/masq:
reqid!=<number>
spi!=<number>
proto!=esp|ah|ipcomp
mode!=tunnel|transport
2005 Feb 02
6
NAT troubles with IPSEC traffic
I just got the list confirmation and noticed it''s text only email so here it
is again in plain text. Below is the oringal message.
Hi all,
I am really struggling with this one, I have built a lot of linux machines
using IPSEC tunnels and shorewall gateways. I decied to build a new test
machine with Debian running 2.4.25 and Shorewall 2.0.15. I have two subnets
on their own switches and
2002 Oct 24
0
Shorewall 1.3.10 Beta 1
There''s a lot new in 1.3.10:
1) You may now define the contents of a zone dynamically with the
"shorewall add" and "shorewall delete" commands. These commands are
expected to be used primarily within FreeS/Wan updown scripts.
2) Shorewall can now do MAC verification on ethernet segments. You can
specify the set of allowed MAC addresses on the segment and you can
2004 Aug 13
1
ipsec tunnel to netgear fvs318
Hi,
I''m trying to set-up an ipsec tunnel between a Redhat9 box and a Netgear
FVS318.
When trying to initialise the connection - ifup ipsec0 - I get the error:
RTNETLINK answers: Network is unreachable
This would lead me to believe shorewall is blocking ipsec.
My config is below.
The output of ''shorewall status'' is attached.
Any help in pointing out if I''ve
2002 Nov 09
2
Shorewall 1.3.10
In this version:
1) You may now define the contents of a zone dynamically with the
"shorewall add" and "shorewall delete" commands. These commands
are expected to be used primarily within FreeS/Wan updown scripts.
2) Shorewall can now do MAC verification on ethernet segments. You can
specify the set of allowed MAC addresses on the segment and you can
optionally
2002 Nov 09
2
Shorewall 1.3.10
In this version:
1) You may now define the contents of a zone dynamically with the
"shorewall add" and "shorewall delete" commands. These commands
are expected to be used primarily within FreeS/Wan updown scripts.
2) Shorewall can now do MAC verification on ethernet segments. You can
specify the set of allowed MAC addresses on the segment and you can
optionally
2004 Aug 12
0
Advanced Routing and FreeSwan
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
I''m trying to setup a central IPSEC-Gateway with several ipsec tunnels.
Some are to be routed over one leased line, some over the other leased
line. Both leased lines have their own public ip adress.
The setup looks kinda like this:
eth1(ipsec0)--ISP0--Internet--eth1-Linux1-eth0--Subnet1
/
2006 Jul 26
1
IPSec tunnel mode, through a IPIP tunnel
Hello Gurus,
I am a small problem with routing and here are the details.
Interfaces on my server:
* ipsec0 - 172.19.58.94
* tunl0 - 172.19.58.94
* eth0 - 172.19.58.94
Now, the problem is that there is another host 172.19.58.200. All
communication to 172.19.58.200 should be through tunl0, and all the data
should be secured using IPSec (tunnel mode - because there are more
machines on my
2008 Jul 17
1
racoon and ipsec issues
I am attempting to create an ipsec tunnel between two CentOS 5.1
systems, network-to-network with two different 192.168.xxx.0/24
LAN segments. I have gone through the documentation on the
centos web site, and have the machines to the point where the
/var/log/messages show ``IPsec-SA established'' on both machines
after runnig ``ifup ipsec0'' (same ipsec0 on each machine).
IP
2003 Oct 26
4
linux-xp x509 ipsec connection
hi,
I can''t get a freeswan 2.02 ipsec x509 connection at work
can somebody help me?
*************************************************************************************
global situation
*************************************************************************************
the linux gateway (chivas) is a single machine 192.168.1.250 with a local net 192.168.1.0/24,
a dyn IP via a DSL
2005 Mar 31
3
Multiple subnet question
Hi All,
I just added a second subnet and thought I had read all the relevant
FAQ''s and had set things up properly, but a few odd things are
happening.
ZONES:
net Net Internet
loc Local Local networks 192.168
loc2 Local Local networks 10.151
ppp PPP PPP Dial-in
rw RoadWarriors Road Warriors
rw2 RoadWarriors Road