Displaying 20 results from an estimated 8000 matches similar to: "IPSEC, multiple subnets and multiple road warriors, oh my! :)"
2002 Sep 29
7
[Fwd: Building custom _updown script for freeswan to make it talk with shorewall]
Tuomo Soini wrote:
> You don''t happen to read shorewall-devel mailinglist ?
I read it -- I just didn''t know what to make of your post and it arrived
while I was on vacation.
What exactly are you trying to accomplish that Shorewall isn''t doing for
you now?
e.g.
/etc/shorewall/zones
rw Roadwarriors Road Warriors
/etc/shorewall/interfraces
rw ipsec+
2005 Jan 23
3
Best VPN server for * and woad warriors using windows?
Hi list!
I'm sure the topic has been discussed but I could not find what I was
looking for.
What would be the best / easiest VPN software solution. I would like to
install vpn software on the * server for roadwarriors to connect to with
laptops running windows. Ideally the vpn solution will not require any
additional software on the client side but will use IPSEC.
(Ofcourse call quality
2004 Dec 19
6
IPSEC vs OpenVPN
While I have concentrated on support for 2.6 native IPSEC in release
2.2.0, I am still of the opinion that unless you absolutely need IPSEC
compatibility that OpenVPN is a much easier (and in the case of
roadwarriors, a much better) solution.
Having already generated all of the required X.509 certificates, it took
me less than 1/2 hr to replace my IPSEC testbed with an OpenVPN one
using the new
2013 Apr 11
2
IKEv2/IPSEC "Road Warrior" VPN Tunneling?
Is there a "cookbook" for setting this up? There are examples for
setting up a tunnel between two fixed-address networks (e.g. a remote
LAN that needs to be "integrated" with a central LAN over IPSec but I
can't find anything addressing the other situation -- remote user(s)
where the connecting IPs are not known in advance, such as a person with
a laptop or smartphone in a
2003 Jan 14
1
MULTIPLE IPSEC TUNNELS
I am have a shorewall firewall and freeswan ipsec running on a redhat 8.0
Linux gateway machine. I have one working tunnel defined, all works well. I
am not clear how to define mutiple concurrent tunnels. I can not add further
interface entries as all the tunnels come in on ipsec0, do I still have
mutiple zone definitions? some of the tunnels will be dynamic roadwarriors
and as such would need a
2005 Mar 13
4
Bridging Firewall with windows OpenVPN road warriors?
I have previously set up an openvpn LAN to LAN bridging VPN so I know a
little about what has to happen. The gateways on either ends were
running older version of shorewall that did not support openvpn directly
so I just basically opened ports for it and used bridging with tap
interfaces. I am no longer using that vpn link to the other house but
now that i''ve upgraded I would like
2005 May 02
1
Problems with ipsec roadwarrior
Hello,
i have got a problem with the configuration of an roadwarrior ipsec VPN tunnel with shorewall 2.2.3.
I read the Shorewall Kernel 2.6 IPSEC and folowed the instructions to that point
where to modify the hosts with the folowing parameters:
vpn eth0:0.0.0.0/0 ipsec
But i have got an entry like
net eth0:0.0.0.0/0
even in the same file:
If i
2006 Aug 21
0
[Fwd: Re: Connecting CentOS to IPSEC VPN (Checkpoint FW1)]
Sorry Dag,
it is possible to use linux as a roadwarrior client:
http://www.fw-1.de/aerasec/ng/vpn-racoon/CP-VPN1-NG-Linux-racoon-roadwarrior.html
-------- Original Message --------
Subject: Re: [CentOS] Connecting CentOS to IPSEC VPN (Checkpoint FW1)
Date: Mon, 21 Aug 2006 15:20:55 +0200
From: carlopmart <carlopmart at gmail.com>
To: CentOS mailing list <centos at centos.org>
2007 Oct 12
0
OT: a very big problem with ipsec-tools on CentOS5
Hi all,
I am trying to establish a vpn tunnel between one CentOS5 IPSec server and a
roadwarrior client, CentOS5 too. Roadwarrior use ipsec-tools version 0.6.5-8
(that comes with CentOS5) and server uses version 0.7 (downloaded from
ipsec-tools website).
My server configuration is:
path include "/etc/racoon";
path certificate "/etc/racoon/certs";
path pre_shared_key
2004 Dec 18
0
IPSEC-2.6 Roadwarrior
I''ve successfully tested an IPSEC Roadwarrior configuration where both
the gateway and the roadwarrior are runniing 2.6 with Racoon.
The Shorewall IPSEC-2.6 documentation (http://shorewall.net/IPSEC.htm)
has been updated to reflect my experimentation.
Note that you can get the new ''ipsecvpn'' script from CVS until I release
RC1 in the next day or so.
-Tom
--
Tom
2002 Oct 01
0
Dynamic Zones
The version of Shorewall in the CVS development tree contains the first
implementation of dynamic zones. While these zones are aimed at IPSEC Road
Warriors, there is nothing ipsec-specific in the implementation except for
a small extension in the tunnels file.
There are two new commands: add and delete
shorewall {add|delete} <interface>[:<host or subnet>] zone
The interface
2004 Dec 10
2
Re: 2.6 Kernel and Native IPSEC
>From your post on Oct. 4, 2004
>As I announced earlier, I''m on vacation this week and we are spending
>the week at our second home. Before I left, I simulated an IPSEC tunnel
>between this house and our home in the Seattle area and I''m pleased to
>announce that the real tunnel works flawlessly.
>
>So I believe that I have done all of the testing that I can
2007 Oct 12
1
OT: a very big problem with ipsec-tools on CentOS5 (SOLVED)
Buf ... Solved. Problem was that /etc/pam.d/racoon doesn't exists (I found this
tip on NetBSD ipsec pages). Simply I have copied /etc/pam.d/passwd to
/etc/pam.d/racoon and now all works as expected.
Many thanks for your help Ross.
Ross S. W. Walker wrote:
>
> I think it might just use another one like /etc/pam.d/remote
> cause I audited the package and it wasn't there.
2004 Jan 15
2
Crypto API and Shorewall
A number of you are flailing around trying to get the subject combination to
work.
You should all be aware that there are parts of this that don''t currently work
and that won''t work well until there are enhancements made to Shorewall (and
probably to Netfilter).
I. There is no clean way currently to support Road Warriors from a
Masquerading Netfilter firewall/gateway. As
2004 Dec 22
2
IPSec and Roadwarrior
Tom,
After reading your latest postings, I am correct in understanding that,
even with the netfilter-ipsec and policy patches in kernel 2.6, I still
would not be able to connect more that one roadwarrior at a time?
Mitch
2004 Feb 26
4
Help! Martians invading through IPSec. :-)
[ sorry for cross-posting this to newbies and users, but I''m a bit
desperate to get this resolved ]
This is strange... I had this working before without any problems, and
recently we started to have some odd issues. I can''t be sure exactly
what has changed as I''m unfortunately not the only person with access
to the server. {sigh}
The problem is that I pretty much
2016 Nov 27
0
Bridge LAN for Windows Road Warrior
A couple days ago with help from Guus I got my basic setup running. I played and switched around parameters, modes, subnets etc and always got things working in each config.
Trying to move on, I only just now realised that for what I ultimately want to do, I would have to make every machine in my office LAN a tinc node, which I’m not allowed to. I’m allowed to build up a “tinc gateway” (can be
2003 Oct 26
4
linux-xp x509 ipsec connection
hi,
I can''t get a freeswan 2.02 ipsec x509 connection at work
can somebody help me?
*************************************************************************************
global situation
*************************************************************************************
the linux gateway (chivas) is a single machine 192.168.1.250 with a local net 192.168.1.0/24,
a dyn IP via a DSL
2004 Sep 30
4
IPSec connection from fw itself over vpn
Hello everyone,
I''m not sure whether to place my question here or in the racoon mailing
list or even in that of iptables.
I have created an ipsec connection with racoon in tunnel mode to another
gateway to connect one subnet on each side to each other. This works
fine. Only the ipsec gateway itself can''t send packages to the opposite
subnet.
Shorewall is configured according
2004 Oct 04
0
2.6 Kernel and Native IPSEC
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
As I announced earlier, I''m on vacation this week and we are spending
the week at our second home. Before I left, I simulated an IPSEC tunnel
between this house and our home in the Seattle area and I''m pleased to
announce that the real tunnel works flawlessly.
So I believe that I have done all of the testing that I can on the new