similar to: Shorewall, FreeS/WAN, and IPSEC

I''m getting insane here. I''m running shorewall 1.3.11 with iptables 1.2.5 and freeswan 1.97 on a 2.4.18-8 kernel aka MNF. The setup is a followed: Lan (192.168.1.x) - FW (eth1 192.168.1.254 - eth0 64.x.y.71) - router 64.x.y.65 (which is default GW on eth0) -internet - 161.a.b.c (FW-1) So a windows client with checkpoint tries to connect to a vpn-1 server on the internet. The

This one is a bit complex so if no help is forthcoming, I understand. I have 2 shorewall firewalls (1.3.13) up and running. (both machines running Gentoo Linux 1.4_rc2) I have freeswan (1.98) running on each of them. I have squid setup as a caching/filtering server on each of them. Each of them was originally setup using the Two-interface Quick Start Guide. Then the Squid guide and then the IPSEC

hi, I can''t get a freeswan 2.02 ipsec x509 connection at work can somebody help me? ************************************************************************************* global situation ************************************************************************************* the linux gateway (chivas) is a single machine 192.168.1.250 with a local net 192.168.1.0/24, a dyn IP via a DSL

Hello all, I am configuring a vpn between freeswan and windows 2000. I am following the steps at http://www.jacco2.dds.nl/networking/win2000xp-freeswan.html, to get the VPN up and running. using this I have a ppp tunnel between windows and linux, which is inside a l2tp tunnel which is again encrypted by IPSec. (the url gives the configuration in detail and I have followed it exactly) Now the

hello, my setup is rh8 2.4.20-8, shorewall 2.0.7, freeswan-2.04. ------- policy------- vpn loc accept loc vpn accept vpn fw accept fw vpn accept --------------------- --------zone ------- net net loc local dmz dmz vpn vpn ------------------------ ----- tunnels --------- ipsec net 0.0.0.0/0 vpn ipsecnat net 0.0.0.0/0 vpn -------------------------------------- ------ interfaces

I am attempting to create an ipsec tunnel between two CentOS 5.1 systems, network-to-network with two different 192.168.xxx.0/24 LAN segments. I have gone through the documentation on the centos web site, and have the machines to the point where the /var/log/messages show ``IPsec-SA established'' on both machines after runnig ``ifup ipsec0'' (same ipsec0 on each machine). IP

Hello all together, I've got here a very strange problem. I've set up a vpn with freeswan between two subnets over the internet. Now I can ping from behind to behind. With Windows 98 I can search a computer which is in the other subnet and find the the computer. But...only the other computer is NOT a samba server. Means a w2k or w98 is ok. If I'm looking for the samba in the other

Shorewall version 2.0.3C Does anyone know where i might be able to get a RPM version of IPSEC for Linux Kernel -smp 2.4.20-31.9 ? I currently have IPSEC version 2.06 running on a Redhat Linux 9.0 box with kernel 2.4.20-6smp just fine. But whenever i attempt to upgrade the Kernel to the latest one mentioned above, IPSEC fails to startup properly and displays multiple error messages. I Checked

Helo to all, I am attempting to establish an IPSEC tunnel to a remote freeswan G/W with my laptop. My laptop sits in behind shorewall at home. From the documentation, this is what I Modified in Shorewall: /etc/shorewall/tunnels: ipsec loc 24.65.x.x /etc/shorewall/policy vpn loc ACCEPT loc vpn ACCEPT My question is, have I left anything out?

Hi, Does anyone have experience using IPSEC on CentOS in order to connect to vendor IPSEC-based VPN products (specifically Checkpoint FW1) ? Is the included IPSEC implementation sufficient, or do people have to rely on OpenSWAN or FreeSWAN ? I'd be testing tomorrow and I'm interested with experiences others have had and things to look out for. Thanks in advance, -- dag wieers, dag

Hi All, I need to configure a VPN between a FreeBSD-4.8 box and a Linux (FreeS/WAN) box. In the Linux side, the network administrator installed FreeS/WAN with RSA authentication without IKE support. Does anybody knows if is possible to make my FreeBSD box connect a VPN with the Linux box? If so, could point me to a documentation about how to install IPSec with RSA authentication and how to make

Hi I am trying to develop a night divert. Caller dials in after hours on Zap and it gets divert to a mobile number via a second Zap. The call bridges but will not hangup the channels when the parties finish. Is there something I am missing or an dial option that I should be using. I am using latest CVS. [night] exten => s,1,Answer exten => s,2,Wait,1 exten =>

Hello Lartc Mailing List: Been working on something the last week and a half and ALMOST have it working.., just need a few pointers from the wizards on this mailing list to nail it. Ok, my setup is a hub and spoke arrangement, hub is Cisco 2821 with IOS 12.4. Spokes are ruggencom RX1000 routers, Debian based with the following versions installed: rx1000test:~# uname -a Linux rx1000test

I am sure someone has had success getting NetBIOS names to transfer from one side of a VPN to the other, but I'm not that person (yet). I have read all available documentation and newsgroups and have exhausted my patience. I have a linux box running 2.4.21 kernel with Freeswan on each end of a VPN (its working). I have "Arno's iptables" firewall installed on each end (It is

Since we're on the subject of Samba over the WAN.... (BTW, I'm running three offices with a Samba 3.0.9 PDC and two Samba 3.0.9 BDCs over an FreeSwan based WAN and it works just fine. The WINS server is a must in my book though.) Last Thursday and Friday, one of the remove office's WAN lines went down. While the outages were significant, nothing major happened because of it. But,

Hi, I''m currently using shorewall 1.3.10. I have successfully using it with one ipsec connection to remote office. Both using freeswan 1.98b and linux 2.4.19 Network A --- Gateway A --- Internet --- Gateway B --- Network B The network to network connection works fine. However, there was some problem when I use both network to network and gateway to network connection. Both ipsec

Hello Daniel, > If I can get this to work the next step would be to create a tunnel > between the linux box and the FW-1 server. (freeswan / ipsec) I think this would be easier than to tunnel ipsec through from a windows client behind your firewall. Add these config options to your ipsec.conf if you want to connect vom linux to checkpoint: keyingtries=0 pfs=no Currently I

Sorry Dag, it is possible to use linux as a roadwarrior client: http://www.fw-1.de/aerasec/ng/vpn-racoon/CP-VPN1-NG-Linux-racoon-roadwarrior.html -------- Original Message -------- Subject: Re: [CentOS] Connecting CentOS to IPSEC VPN (Checkpoint FW1) Date: Mon, 21 Aug 2006 15:20:55 +0200 From: carlopmart <carlopmart at gmail.com> To: CentOS mailing list <centos at centos.org>

Hi , I have setup site-to-site IPSEC tunnel using Freeswan and Shorewall. I have 3 sites, One central site called site-A, and 2 remote sites called site-B and site-C. Now site-A can communicate with site-B and site-C repectively. I want to enable site-B talk to site-C using Tunnel hub configuration. I have enabled the shorewall policy on site-A server so that site-B can talk site-C, but it

Hi, Could not conceive an working set-up for an IPSEC VPN made with racoon/setkey on which I have one address on my side acting as an SNAT router for all traffic from my network to a network segment on the far side. my network --- my gateway ---------------------- remote network 10.0.0.0/24 - 10.0.0.1 (10.253.0.2) -- tunnel - 192.168.0.0/22 All traffic starts on my side, so if I can