Displaying 20 results from an estimated 1000 matches similar to: "[Fwd: Building custom _updown script for freeswan to make it talk with shorewall]"
2002 Oct 01
0
Dynamic Zones
The version of Shorewall in the CVS development tree contains the first
implementation of dynamic zones. While these zones are aimed at IPSEC Road
Warriors, there is nothing ipsec-specific in the implementation except for
a small extension in the tunnels file.
There are two new commands: add and delete
shorewall {add|delete} <interface>[:<host or subnet>] zone
The interface
2003 Jan 09
2
AW: How do I configure 2 static net2net VPNs ov er one interface ipsec0?
Hi,
Problem:
I want 2 vpn tunnels for 2 subnets over one interface ipsec0.
Documentation only describes config for 1 vpn or road warriors.
I defined 2 vpn zones ''fre'' and ''swe''.
#ZONE DISPLAY COMMENTS
net Net Internet zone
loc Local Local
fre VPN_Fre VPN Fre
swe VPN_Swe VPN Swe
Interface ipsec0 is tunnel over eth1. Local is eth0.
ipsec0 serves 2 zones: fre
2002 Sep 21
0
Building custom _updown script for freeswan to make it talk with shorewall
I have a plan to make freeswan and shorewall talk to each other.
Shorewall doesn''t currently have proper handles to make ipsec and
firewall work properly together and I''m planning on building a custom
_updown script for freeswan to make it communicate with shorewall.
How can I make shorewall work properly with different road warriors with
different dynamic ip-addresses and
2009 Apr 11
2
Labeling points on plot on relative warp scores?
Hi there,
I am plotting relative warp scores (equivalent to pca scores) and I want to
label (color code and shape) the points by group. I can't figure out how to
do this beyond simple plotting.
plot(RW1, RW2);
Do I need to make vectors of each group and then plot them separately onto
the same plot? How do I go about this?
Thanks!
--
View this message in context:
2003 Jan 14
1
MULTIPLE IPSEC TUNNELS
I am have a shorewall firewall and freeswan ipsec running on a redhat 8.0
Linux gateway machine. I have one working tunnel defined, all works well. I
am not clear how to define mutiple concurrent tunnels. I can not add further
interface entries as all the tunnels come in on ipsec0, do I still have
mutiple zone definitions? some of the tunnels will be dynamic roadwarriors
and as such would need a
2007 Oct 11
2
Matching and merging two rows with missing values
Hello,
I have two rows which are almost identical but miss different values at
different locations. I would like to merge these two rows so that the
missing values are replaced by the element in the same column on the other
row making one row. If both rows contain a NA, NA remains in the output.
1 2 3 4 5
Row1 AA AG GG NA NA
Row2 NA AG GG AA NA
The
2003 Jan 14
1
Question on Shorewall with FreeSwan
I am new to Shorewall and FreeSwan, please excuse my ignorance I was
wondering if someone could help me.
I had help getting my FreeSwan running with the following iptables
commands:
iptables -I FORWARD -s 0/0 -d 192.168.1.0/24 -i ipsec0 -o eth1 -j
ACCEPT
iptables -I FORWARD -s 192.168.1.0/24 -d 0/0 -i eth1 -o ipsec0 -j
ACCEPT
If I manually run this FreeSwan works, however I am not sure
2005 May 23
2
VPN
Hi list, I am trying to create a VPN between two different locations. On
the first location we have a cisco pix 525 Natting the internal
192.168.100.x network, while on the second location we have a Centos3
box Natting via iptables the internal 192.168.10.x netowrk. My goal is
to connect this 2 over the internet via IPsec. I created the IPsec
Net2Net via the network configuration graphic
2003 Jan 14
1
Firewalling multiple FreeSwan connections
Hi all!
I have got a vpn connection set up using FreeSwan and shorewall.
Everything works fine but I want to add another subnet to the whole. This
means that 1 box will get two net-to-net connections.
I want to limit the services on one subnet however. Cuurently I have
defined a vpn zone for the current connection and allow all vpn<->loc
traffic.
How would I go about in tightening the
2002 Feb 28
2
Problem with FreeSwan and Shorewall on a LEAF(Oxygen) based router.
Hello,
I seem to have the Freeswan IPSEC tunnel working between my two sites,
but I am still having a problem that looks to be because of something I have
configured wrong in my shorewall setup..
I have a LEAF Oxygen < 1.9 heavily modifed firewall setup.. Using
FreeSwan 1.91, and Kernel 2.4.8. Modified to use IPTables and
standard Debian network/interfaces. I am also using Shorewall
2004 Jan 07
1
Forward some traffic to VPN
Hi. I am trying to force some traffic that goes to address 203.7.93.94
through a VPN tunnel. I use freeswan 1.98b and Shorewall 1.4.6c in one
machine. The 203.7.93.94 is in the DMZ on the other end. (Both ends use
the same shorewall and freeswan).
I have successfully set up a tunnel between the two network (using a
point to point topology, not hub).
I added a static routing that redirect
2003 Oct 26
4
linux-xp x509 ipsec connection
hi,
I can''t get a freeswan 2.02 ipsec x509 connection at work
can somebody help me?
*************************************************************************************
global situation
*************************************************************************************
the linux gateway (chivas) is a single machine 192.168.1.250 with a local net 192.168.1.0/24,
a dyn IP via a DSL
2001 Apr 28
3
VPN?
Once you have Samba shares up and running on the
internal network, how do you go about making them
available (browsable) via the Internet--a VPN?
I hate to say it but in Windows 2k it's just a matter
of a few clicks on the server and client. I'm hoping
that it's not much harder with a Linux server/Windows
client. Anything involving something like SSH will be
too hard for most users.
2006 May 03
5
SNAT on IPSEC tunnel with kernel 2.6/KAME tools?
Hi,
Could not conceive an working set-up for an IPSEC VPN made with racoon/setkey
on which I have one address on my side acting as an SNAT router for all
traffic from my network to a network segment on the far side.
my network --- my gateway ---------------------- remote network
10.0.0.0/24 - 10.0.0.1 (10.253.0.2) -- tunnel - 192.168.0.0/22
All traffic starts on my side, so if I can
2013 Mar 04
6
Centos6 ipsec troubles
Hello,
it looks like the usual way to do ipsec on centos5 won't work anymore on
centos6
I installed ipsec-tools but an interface type IPsec is not recognized by
the kernel
ifup ipsec0
Device does not seem to be present, delaying initialization.
I am not planning to use the awful OpenSwan, I Want to sue the Kame
implementation which was working fine on CentOS5
any hints ?
thank you
2013 Jul 02
2
multiple VPN zones
Hi,
I had a look at this page which describes a single VPN zone called "vpn":
http://www.shorewall.net/IPSEC-2.6.html
Is this the most current information? It is the top page found by
Google for "shorewall ipsec"
Is there any information about setting up multiple VPN zones for
different classes of road warrior? E.g. lets say there are two classes
of road warrior:
2002 Jun 19
2
VPN and SAMBA
Hello!
I've got a problem with DNS,VPN and SAMBA.
I do have 3 Linux servers on distinct subnets. (192.168.1.1 ,192.168.2.1
and 192.168.3.1). I have done a VPN between the 3 subnets and I could do
a ping from 192.168.1.1 to the others without problems.
Each sever has 2 network cards. One of them is connected to ADSL.
2004 Aug 06
7
Site-to-site VPN with dynamic IPs
Hi All,
Is it possible to establish site-to-site VPN using dynamic IP addresss
assigned by ISP ?
If yes, I would like to request a sample ipsec.conf for such scenario...
Thanks and warmest regards
aslay
###################################################
# This message has been scanned for viruses and #
# dangerous content by Pensteel Digital Solutions #
# Open Source Security Server,
2007 Jun 25
4
Using Julian Anastasov''s ''routes'' patches on 2.4 kernel in conjunction with IPSec
Hello,
I use Julian Anastasov ''routes'' (to be more specific: static_routes,
alt_routes and nf_reroute) patches on a 2.4.32 kernel. On the same host I run
IPSec. I have discovered after a few hours of networking problems that,
when IPSec is enabled on that patched kernel, inspecting packets with tcpdump
while arping-ing a host from a network physically connected to this
2002 Dec 29
2
win98 browsing problem across VPN subnets
I have just setup a VPN connection three sites using IPCOP.
Everything seems to be talking ok, apart from browsing the network neighborhood. There are no NT/Win2K/XP servers running on any of the sites, all sites are just running win98 pc's using tcp/ip. I have tried configuring all PC's to be on the same workgroup and setup sharing, but still each site can only see the pc's