Go Back   The UNIX and Linux Forums > Special Forums > IP Networking
How to establish site to site vpn - Linux machine and cisco asa? How to establish site to site vpn - Linux machine and cisco asa?
Forums Search Forums Register Forum RulesMan PagesAlbums FAQ Members Calendar Search Today's Posts Mark Forums Read


IP Networking Learn TCP/IP, Internet Protocol, Routing, Routers, Network protocols in this UNIX and Linux forum.

Reply    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 01-30-2013
Registered User
  
Join Date: May 2012
Posts: 15
Thanks: 7
Thanked 0 Times in 0 Posts
How to establish site to site vpn - Linux machine and cisco asa?
Hi,

I am trying to establish vpn between my linux server and cisco asa at client side.

I installed openswan on my cent os.

Linux Server

Code:
eth0 - 182.2.29.10    [ I have public IP]

Gateway - 182.2.29.1 [ and gw]



eth1 - 192.9.200.75  [ Internal Lan i/f]


I have simple IPtables Like
WAN="eth0"
LAN="eth1"
 iptables -t nat -A POSTROUTING -o $WAN -j SNAT --to 182.2.29.10


iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i $LAN -j ACCEPT
iptables -A INPUT -i $WAN -j ACCEPT
 




iptables -A FORWARD -i lo -j ACCEPT
iptables -A FORWARD -i $LAN -j ACCEPT
iptables -A FORWARD -i $LAN -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $WAN -m state --state ESTABLISHED,RELATED -j ACCEPT
 


iptables -A FORWARD -s 192.9.200.0/255.255.255.0 -j ACCEPT
iptables -A FORWARD -d 192.9.200.0/255.255.255.0 -j ACCEPT
 


iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

Client side Cisco ASA - Device


Code:
Provided details :

BD gateway ip is 212.2.7.15 [ Public IP]
Source IP :- 192.168.91.224 
ESP-3DES-SHA1
 Lifetime is 86400 seconds (Phase-1) & 3600 seconds (Phase-2)
 Authentication is pre-shared

I need advise on configuring ipsec.conf and ipsec.secrets and what IP tables rules I need to add / modify.

Thanks

Best
Ashok
Sponsored Links
Reply

« IP address to host name conversion | Cant SSH Solaris servers »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
port access to site to site VPN photon IP Networking 0 12-15-2008 12:19 PM
Moving machine to other site spacewalker UNIX for Advanced & Expert Users 1 03-20-2006 09:48 AM



All times are GMT -4. The time now is 10:37 PM.

The UNIX and Linux Forums - Where There is a Shell There is a Way RSS Feeds - Contact Us - The UNIX and Linux Forums - Where There is a Shell There is a Way - Archive - Botnik - Top
SEO by vBSEO
The UNIX and Linux Forums Content Copyright ©1993-2013. All Rights Reserved.
Forum Operations by The UNIX and Linux Forums
Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited.