similar to: Linux Kernel 2.6, Ipsec, ADSL (dynamic addresses)

Hello Mailinglist, please excuse my bad english - but I am not a native speaker. My Network looks like this: Internet --- dyn. IP --- Firewall (shorewall) --- LAN (192.168.X.X) No I try to connect my iphone (from mobile Internet G3) over VPN (l2tp/ipsec) with the firewall. But I can´t open the necessary Port 1701. /var/log/syslog ... Dec 30 00:24:29 router kernel: [226128.293757]

hi, I can''t get a freeswan 2.02 ipsec x509 connection at work can somebody help me? ************************************************************************************* global situation ************************************************************************************* the linux gateway (chivas) is a single machine 192.168.1.250 with a local net 192.168.1.0/24, a dyn IP via a DSL

Hey First, apologies if this went out twice. I sent the original email from an odd email configuration (essentially from an alias of what I signed up as). I searched and noticed that my post did not appear and I did not get a bounce back so I was confused. I waited a few days before resending. So apologies if this goes out twice. I am not trying to spam. I was hoping someone could help me with

Dear list, I''m running Shorewall on a dedicated Fedora 7 box. Shorewall is working well as an office DSL router (dynamic IP) with loc and dmz zones. I am now trying to configure IPSec to connect a VPS, "casp", with a static IP to both the firewall and to the loc network behind it. The host to host SA works fine. However, pings from "loc" to "casp" can be

Hi, I am trying to get L2TP roadwarrior VPN working from http://www.shorewall.net/IPSEC-2.6.html#RW-L2TP but i am making a mistake somewhere, appreciate a fresh set of eyes to help. I have the following interfaces: ppp0 - interneteth0 - local networkrem - client openvpnl2tp - ppp for lt2p clients I am getting the following error logged when trying to connect into the server with L2TP from a remote

Hi All, Is it possible to establish site-to-site VPN using dynamic IP addresss assigned by ISP ? If yes, I would like to request a sample ipsec.conf for such scenario... Thanks and warmest regards aslay ################################################### # This message has been scanned for viruses and # # dangerous content by Pensteel Digital Solutions # # Open Source Security Server,

I have been using shorewall and freeswan successfully for 3 or more years now. But they have all been using the Linux 2.4 kernel. My current configuration is (as the title suggests) using SuSE 9.1 which has a 2.6.5 kernel and freeswan 2.0.4 built-in. After much reading and a lot of trial and error, I did get this combination to work with Shorewall 2.0.9. It is happily talking to an older Mandrake

class wrote on 06/10/2004 11:18:48: > Hello, I have the following situation: > > 192.168.176.0/24 ------ A ========== B ------ 192.168.177.0/24 > 192.168.176.2 pop3 ipsec > racoon > > > policy: (Machine A and B) > ------- > loc vpn ACCEPT > vpn loc ACCEPT > all

class wrote on 06/10/2004 11:18:48: > Hello, I have the following situation: > > 192.168.176.0/24 ------ A ========== B ------ 192.168.177.0/24 > 192.168.176.2 pop3 ipsec > racoon > > > policy: (Machine A and B) > ------- > loc vpn ACCEPT > vpn loc ACCEPT > all

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 claas@rootdir.de wrote: > Hello! > > > Machine A > WAN IP: 123.123.123.111 > LAN IP: 192.168.177.1 > > > Machine A wants to connect through an IPsec tunnel to 192.168.176.2 tcp 110 (pop3). > > kernel: Shorewall:all2all:REJECT: > IN= OUT=ppp0 SRC=123.123.123.111 DST=192.168.176.2 > LEN=60 TOS=0x10

I set up an ipsec/racoon vpn tunnel test environment. The gateway machines are 192.168.0.30 and 192.168.0.31 on the external adaptor and 10.0.1.1 and 10.0.2.1 internally. The test workstations are 10.0.1.10 and 10.0.2.10. The tunnel seems to be working as in 10.0.1.10 can talk to 10.0.2.10 an vice versa and they can both use the net via NAT, however 192.168.0.30 and 192.168.0.31 cannot directly

Hello Lartc Mailing List: Been working on something the last week and a half and ALMOST have it working.., just need a few pointers from the wizards on this mailing list to nail it. Ok, my setup is a hub and spoke arrangement, hub is Cisco 2821 with IOS 12.4. Spokes are ruggencom RX1000 routers, Debian based with the following versions installed: rx1000test:~# uname -a Linux rx1000test

As suggested here: http://lists.shorewall.net/pipermail/shorewall-users/2004-October/015097.html I''ve run: adam@shrike:~$ /sbin/iptables -m policy --help iptables v1.2.11 Usage: iptables -[AD] chain rule-specification [options] iptables -[RI] chain rulenum rule-specification [options] iptables -D chain rulenum [options] --snip-- And: adam@shrike:~$ sudo

I am have a shorewall firewall and freeswan ipsec running on a redhat 8.0 Linux gateway machine. I have one working tunnel defined, all works well. I am not clear how to define mutiple concurrent tunnels. I can not add further interface entries as all the tunnels come in on ipsec0, do I still have mutiple zone definitions? some of the tunnels will be dynamic roadwarriors and as such would need a

I have problems connecting IPSEC VPN clients on the masqueraded network to outside VPN servers. It looks like this: ipsec-user | 192.168.1.10 (DHCP assigned) | | 192.168.1.1 fw-1 (shorewall, Linux 2.6) | 20.20.20.20 (internet) | 30.30.30.30 fw-2 (IPSEC VPN endpoint) | 192.168.100.1 | | 192.168.100.2 server ipsec-user (a road warrior) is supposed to create an IPSEC tunnel to his home

Hi all .... I Have installed Bering LRP on Many sites and I am very pleased with the capabilites of shorewall. Howerver I came across a prob that I am unaware ot its solution. Using shorewall 2.0.2f Kernel 2.4.24 On one Site LRP box serves internet outgoing connections through ( static IP ) a DSL line AND an incoming dial-in PPP conection. My shorewall configuration Is based upon the fact

I have been working really hard configuring and researching very extensively, trying to figure why we are getting "Shorewall:FORWARD:DROP" packets. IPSEC works just fine without the iptable rules created by our shorewall configs but when starting shorewall and creating the iptables I noticed the packets are dropped. I know it is a config situation but I am totally racking my brain as

Hey guys I''ve been beating my head on this for a few hours. Maybe it is just a stupid configuration error you can point me at. First here is a small diagram of what I am trying to configure: http://6bit.com/img/netdiag.png Currently I only have Shorewall running on the host on the right of the diagram until I can get this working then I''ll add it to the other host as well.

I see support in shorewall for the KAME-tools, how about strongswan ? I have setup shorewall 3.4.4 and strongswan 4.1.3, making this my vpn-gateway for the subnet behind it. # Shorewall version 3.4 - Zones File #ZONE TYPE OPTIONS IN OUT # OPTIONS OPTIONS fw firewall fil ipsec mode=tunnel mss=1400 net ipv4

Hi all, I finally got my IPSec tunnel from my Fedora firewall system (running Shorewall 4.0.6) to a remote Draytek Router up-and-running, but I''m having difficulties directing traffic through the tunnel. From the output of "racoon -F -f racoon.conf" and the connection status page of the Draytek I can tell the tunnel is UP, but ping and traceroute requests to several hosts