04-29-2008
Problem while establishing ISAKMP in ipsec
Hi,
I am facing problem while setting up ISAKMP between two hosts.
I can see only the Initiator messages but no responder messages in tcpdump. Does anyone know the cause of this behaviour?
FYI, here is the extracted information from tcpdump :
14:47:08.699113 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:08.699120 IP 10.118.231.130 > 10.118.231.143: icmp 164: 10.118.231.130 udp port isakmp unreachable
14:47:28.610347 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:28.610353 IP 10.118.231.130 > 10.118.231.143: icmp 164: 10.118.231.130 udp port isakmp unreachable
14:47:53.540184 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:53.583540 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:53.626519 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident[E]
14:47:53.661367 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 2/others I oakley-quick[E]
14:47:53.705619 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 2/others I oakley-quick[E]
Regards
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello there, just a quick question.....Can someone please explain the concept that enables you to establish a connection using the same userId
Thanx (1 Reply)
Discussion started by: BigTool4u2
1 Replies
2. Shell Programming and Scripting
Hi everybody i need your help on this I have LAN which run Sun microsystem with solaris 7 OS on each of the servers. The LAN was working fine before an interruption of power supply which makes servers to operating as standalone servers. i.e none of the servers have access to one another. How do i... (2 Replies)
Discussion started by: sbmada
2 Replies
3. SuSE
Hi, I am trying to use nomachine nx server and client. But somehow it doen't work. What happens is the following:
1.- Client starts up
2.- Client authenticates with Server
3.- The NoMachine window appears for 2-4 seconds
4.- The NoMachine window exists
Somehow a "closeEvent" is sent.... (3 Replies)
Discussion started by: blackicecube
3 Replies
4. BSD
Hi, this is my first post...:p
Hello Admin :)
Can I have an ask for something with my configuration ?
I have finished some kind of the tutorial to build ipsec site to site, and the "step" has finished completely.
I have a simulation with a local design topology with two PC's (FreeBSD ... (0 Replies)
Discussion started by: aulia
0 Replies
5. Ubuntu
we designed a primitive operating system for learning basics fundamentals and we created process switching, interrupt/polled IO for device drivers like UART and printers. We accomplish this by using our own tools called SPEDE (for downloading compiled elf image from host ubuntu system that have... (0 Replies)
Discussion started by: bicepjai
0 Replies
6. Cybersecurity
hello,
after configuration ipsec in ip4 I can not ping between client and server whereas I had success ping before configuration!
I also generate different key for AH and ESP as i have shown below.
what is my problem and what should i do to have ping and test the configuration?
code:
... (0 Replies)
Discussion started by: elinaz
0 Replies
7. Shell Programming and Scripting
Hello Guys ,
I have been working on a script where we are looking to connect a remote Xserver from a Unix box. Once a connection is made , i need to run several commands on remote machine to check various stuffs.
As per my knowledge on unix (which is like a drop in ocean) , i found SSH as a... (7 Replies)
Discussion started by: himanshu sood
7 Replies
8. Red Hat
Hi All,
If I disable the iptables on the server then I can use the command
mount -t cifs //192.168.122.21/sharedata tmpdata -o username=smbuser4,password=1234
If I enable the iptables. However I have use the commands on server
iptables -A INPUT -m state --state NEW -m udp -p udp --dport... (1 Reply)
Discussion started by: joj123
1 Replies
9. UNIX for Beginners Questions & Answers
Hi Everyone,
I am trying to send files from Linux to DataPower server using public key based authentication but it's not working as expected and every-time password expecting for sftp transfer.
Can someone please help on this?
Steps I fallowed:
Created keys pair at source server... (4 Replies)
Discussion started by: renukeswar
4 Replies
10. Solaris
I am trying to establish passwordless connectivity between server A and server B, but unsuccessfuly, because I beleive two issues.
the first one is that on both servers, it is not possible to use root to login, it only allows to connect using a user (any) them su - root, which in turns I am able... (1 Reply)
Discussion started by: fretagi
1 Replies
LEARN ABOUT DEBIAN
device::usb::faq
Device::USB::FAQ(3pm) User Contributed Perl Documentation Device::USB::FAQ(3pm)
NAME
Device::USB::FAQ - Frequently Asked Questions for Device::USB
SYNOPSIS
perldoc Device::USB::FAQ
DESCRIPTION
This is an attempt to answer some of the frequently asked questions about the Device::USB module
QUESTIONS
Which platforms does Device::USB support?
"Device:USB" supports any platform that "libusb" supports. This list currently includes Linux, FreeBSD, NetBSD, OpenBSD, Darwin, and MacOS
X.
There is a port of the "libusb" library to the Windows environment called "LibUsb-Win32". Because I don't have a development environment
for testing this library, "Device::USB" does not yet support this library.
Do I have to use Device::USB as root?
By default, access to the USB devices on a Unix-based system appear to be limited to the root account. This usually causes access to most
of the "libusb" features to fail with a permission error.
Using the "Device::USB" module as root avoids this feature, but is not very satisfying from a security standpoint. (See the next question
for more options.)
How do I enable use of Device::USB as a non-root user?
Some of the attributes of USB devices are available to non-root users, but accessing many of the more interesting features require special
privileges. According to the libusb source, the "open()" function requires either device nodes to be present or the usbfs file system to
be mounted in specific locations. Those places in order are:
1) /dev/bus/usb - pre-2.6.11: via devfs / post-2.6.11: via udev
2) /proc/bus/usb - usbfs
Look in both locations on your system for which of these two methods your libusb will use.
No matter which method your system uses, you will probably want to create a separate group to control access. Run this command to add a
system group:
addgroup --system usb
or
groupadd --system usb
You can then add users to that group to allow access to your usb devices.
DEVFS / HOTPLUG
TODO
UDEV
If you use Debian/Ubuntu, look in the /etc/udev/permissions.rules file. If you want to allow global access to all usb devices, make this
change:
Change this:
SUBSYSTEM=="usb_device", MODE="0664"
To this:
SUBSYSTEM=="usb_device", MODE="0664", GROUP="usb"
After you reboot, all usb devices will inherit the mode and group specified.
If you want to only change permissions for certain devices, you can add this on one line and adjust the product and vendor IDs:
SUBSYSTEM=="usb_device", GROUP="usb",
SYSFS{idVendor}=="1234", SYSFS{idProduct}=="1234"
USBFS
The usbfs defaults to root as the user and group. This can be changed in the /etc/fstab by adding the following on one line:
none /proc/bus/usb usbfs noauto,
listuid=0,listgid=118,listmode=0664,
busuid=0,busgid=118,busmode=0775,
devuid=0,devgid=118,devmode=0664
0 0
The value 118 in the above should be replaced with the group id of your usb group (created above). The list* values are to allow listing
devices, the bus* is to control access to the bus directories and the dev* values control access to the device files. This approach does
not allow the kind of granular permission that the udev approach gives, so it is all or nothing unless permissions are changed
programmatically.
If your /etc/fstab file already has a line for /proc/bus/usb, add the options above to the line that is already there rather than adding
the new line. For example, you would change
usbfs /proc/bus/usb usbfs noauto 0 0
to
usbfs /proc/bus/usb usbfs noauto,
listuid=0,listgid=118,listmode=0664,
busuid=0,busgid=118,busmode=0775,
devuid=0,devgid=118,devmode=0664
0 0
Once again, this needs to be all on one line with the "" characters removed.
SEE ALSO
Device::USB and the "libusb" library site at <http://libusb.sourceforge.net/>.
AUTHOR
G. Wade Johnson (wade at anomaly dot org) Paul Archer (paul at paularcher dot org)
Houston Perl Mongers Group
ACKNOWLEDGEMENTS
Thanks go to various users who submitted questions and answers for the list. In particular, Anthony L. Awtrey who contributed the first FAQ
answer.
COPYRIGHT & LICENSE
Copyright 2006 Houston Perl Mongers
This document is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
perl v5.14.2 2006-09-03 Device::USB::FAQ(3pm)