Displaying 20 results from an estimated 500 matches similar to: "Re: IPsec problems with tunneled networks"
2004 Oct 06
1
Re: VPN/ipsec naming of interfaces
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
claas@rootdir.de wrote:
> Hello!
>
>
> Machine A
> WAN IP: 123.123.123.111
> LAN IP: 192.168.177.1
>
>
> Machine A wants to connect through an IPsec tunnel to 192.168.176.2
tcp 110 (pop3).
>
> kernel: Shorewall:all2all:REJECT:
> IN= OUT=ppp0 SRC=123.123.123.111 DST=192.168.176.2
> LEN=60 TOS=0x10
2004 Oct 08
2
ipsec policy problem
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
claas@rootdir.de wrote:
> Hello,
>
>
>
> #--- file: policy ---
> #vpn policies:
> loc vpn ACCEPT info
> fw vpn ACCEPT info
> vpn loc ACCEPT info
> vpn fw ACCEPT info
>
> net
2004 Oct 01
4
Re: Error: Your kernel and/or iptables does not not support policy match: ipsec
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
claas@rootdir.de wrote:
> Hello,
>
>
> I am trying to get ipsec with kernel 2.6.8.1 and shorewall 2.1.9 running,
> but I still have a problem:
>
> Validating hosts file...
> Error: Your kernel and/or iptables does not not support policy
match: ipsec
>
> I had a look for netfilter patch-o-matic, but I did not find the
2004 Oct 14
2
ipsec - report of success
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
claas@rootdir.de wrote:
> I am using kernel 2.6.6 native ipsec with racoon and shorewall 2.1.9
> in production for one week now. I just want to tell you that it seems
> to run stable here.
>
> I am going to extend my setup to a 3 gateway setup soon.
> Afterwards I will try to also get roadwarriors in.
> I will report on that
2007 Mar 05
1
File exists?
Hello,
I''m trying to put 3 nodes in a vpn in tunnel mode.
When I run setkey on the following file, I end up with
The result of line 33: File exists.
That error isn''t overly helpful, so I was hoping that someone could explain
the issue.
Here''s the file, with line 33 highlighted.
Help appreciated.
Mike
# Flush the SAD and SPD
flush;
spdflush;
# Add SA for
2003 May 15
2
FW: iHEADS UP: ipsec packet filtering change
> -----Original Message-----
> From: Greg Panula [mailto:greg.panula@dolaninformation.com]
> Sent: 12 May 2003 11:10
> To: Matthew Braithwaite
> Cc: stable@freebsd.org
> Subject: Re: iHEADS UP: ipsec packet filtering change
>
> You don't really need the gif tunnels for ipsec. Gif is more geared
> towards ipv4 <=> ipv6 type tunnels. A few of ipsec
2004 Apr 22
2
IPsec - got ESP going, but not AH
Hi folks,
I've been working on getting my WiFi network running with IPsec. I'm
at the point where all traffic on the wifi subnet is encrypted (i.e.
ESP). Then I tried to add AH to the equation. I failed.
This picture describes the network setup:
http://beta.freebsddiary.org/images/ipsec-wireless.gif
Here's what I'm trying and failing with. With these rules, I get no
2008 Apr 02
2
Lmtp between hosts? (postfix/dovecot/ldap)
I have 2 hosts:
(a)
- dovecot-1.0.5-6
- postfix-2.4.5-20
-> It's not the mx record for the domain, just holds the mailboxes
-> Postfix uses LDAP for user lookup, dovecot too.
-> Works ok if I set it to be the final mail destination, with Cyrus and Dovecot LDA (mailbox_transport).
-> Has no domain associated (dns) with this ip address
(b)
- postfix-2.3.2-28
-> Has the mx record
2005 Apr 27
5
26sec kame ipsec tunnel : packets leave unencrypted...
Hi everyone,
First of all, this is my first post in this ML, so I''m not sure that this
is the right place for my question (please don''t shoot me down ;)). For
the record, I''ve been reading and using LARTC for almost 3 years now, and
it''s a great help for anyone who wants to learn linux networking.
My problem:
I want to setup a tunnel for the following
2013 May 17
1
PF + gif + ipsec + racoon + routing problems results in insecure ipsec vpn
Hi everyone,
I wrote up a post on the FreeBSD forums about the issue I am having. It's rather long so I am providing a link to it here: http://forums.freebsd.org/showthread.php?t=39595
In summary, it seems that when the packets are routed in to the gateway from local network hosts, the src and dst addresses are changed to the public IPs of the tunnel -- at least from the perspective of the
2014 Apr 05
2
[PATCH] acpi: allow non-optimus setups to load vbios from acpi
Hi, same for me. The screen does not freeze anymore and the boot
succeeds. But now I have this kernel message during boot (for the second
card):
[ 24.382045] pci_pm_runtime_suspend():
nouveau_pmops_runtime_suspend+0x0/0xe0 [nouveau] returns -22
Do you want to have the complete dmesg log? I think this is a new bug.
Your patch works for the previous one, so you can close it.
Yours,
Claas
On
2004 Apr 10
2
IPSec debug
Hi,
I have FreeBSD box with network interface having y.y.y.y ip address.
On same box i configure next ipsec ploicys to process trafic from
hardware ipsec enabled device.
spdadd 0.0.0.0/0 x.x.x.x/24 any -P out ipsec esp/tunnel/y.y.y.y-z.z.z.z/require;
spdadd x.x.x.x/24 0.0.0.0/0 any -P in ipsec esp/tunnel/z.z.z.z-y.y.y.y/require;
Is it possible to see decrypted incoming packets, and outgoing
2001 Sep 13
2
rsync does not copy hidden directories
We are using rsync and have noticed that it fails to copy hidden
directories. I looked through the doc and it doesn't look like there's a
flag to get rsync to not skip hidden (dot) directories. Am I missing
something or is this By Design? If By Design, I think it should be changed.
Michelene Chon
Manager, SCM (Software Configuration Management)
GetThere, a Sabre company
mchon@getthere.com
2004 May 11
3
rsync output -vv differs with dry-run option
I'm trying to figure out if a file has changed since the last rsync call. I
use the following command line:
rsync -cvv /mnt/xxx/vol1/dbase/100/kunden.dbf /mnt/label | grep "^total: "
| sed -e 's/.* data=//'
This gives a 0 if the file is unchanged and the file size if the file has
changed. Adding the "dry-run" option "n" to the command line always
2014 Feb 25
13
[Bug 75511] New: Screen freezes during boot with an 3.13 kernel (Arch Linux)
https://bugs.freedesktop.org/show_bug.cgi?id=75511
Priority: medium
Bug ID: 75511
Assignee: nouveau at lists.freedesktop.org
Summary: Screen freezes during boot with an 3.13 kernel (Arch
Linux)
QA Contact: xorg-team at lists.x.org
Severity: normal
Classification: Unclassified
OS: Linux (All)
2014 Mar 26
3
[PATCH] acpi: allow non-optimus setups to load vbios from acpi
There appear to be a crop of new hardware where the vbios is not
available from PROM/PRAMIN, but there is a valid _ROM method in ACPI.
The data read from PCIROM almost invariably contains invalid
instructions (still has the x86 opcodes), which makes this a low-risk
way to try to obtain a valid vbios image.
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=76475
Signed-off-by: Ilia Mirkin
2003 May 11
1
iHEADS UP: ipsec packet filtering change
On Sun, 23 Feb 2003 09:47:05 -0800, "Sam Leffler" <sam@errno.com> said:
>
>> Add a new config option IPSEC_FILTERGIF to control whether or not
>> packets coming out of a GIF tunnel are re-processed by ipfw,
>> et. al. By default they are not reprocessed. With the option they
>> are.
>
> This may affect your ipfw/ipf rules. If you are happy with
2003 Aug 18
3
dynamic IPSEC: Holy grail sighted
Hi,
Thanks to some pointers from Christian Kratzer, I am now able to join the
office VPN from a random WiFi hotspot. With the configuration files changes
detailed below, from a public WiFi hotspot I can now use this 3 step
procedure to login to the office VPN.
1) While at hotspot, boot up my -STABLE laptop.
2) Insert wireless card.
3) "rsh server"
This procedure works for a DHCP
2007 Mar 07
1
freebsd vpn server behind nat dsl router
Hello Greg,
I am writing you, because I saw your responses to a couple of messages on
the freebsd-security mailing list related to freebsd vpn and nat.
My situations is rather unique, and I am needing an expert's eyes to
glance at it and confirm whether it is doable or not. I have a simple
diagram that illustrates what I am trying to do, and it is located here
(about 40k):
2005 Feb 05
13
Problem while trying to set up an ipsec vpn
Hi,
I''m asking my question here, because I could not find any answer to my
problem, but I''m affraid shorewall is not the one to blame.
First of all I''m using shorewall version 2.0.15 on two linux box.
I set up an ipsec tunnel beetween those 2 boxes to be ables to connect
2 not routable subnetworks.
Here is my network topology:
10.66.17.0/24 - 10.66.17.1 = eth0