IP Networking forum. Post 302763733 by ashokvpp on Wednesday 30th of January 2013 11:45:16 AM
How to establish site to site vpn - Linux machine and cisco asa?

Hi,

I am trying to establish a VPN between my Linux server and a Cisco ASA at the client side.

I installed Openswan on my CentOS.

Linux Server
Code:
eth0    - 182.2.29.10   [ I have a public IP ]
Gateway - 182.2.29.1    [ default gateway ]
eth1    - 192.9.200.75  [ internal LAN interface ]


I have simple iptables rules like:
Code:
WAN="eth0"
LAN="eth1"

# Source-NAT everything leaving the public interface to the public address
iptables -t nat -A POSTROUTING -o $WAN -j SNAT --to 182.2.29.10

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i $LAN -j ACCEPT
# Note: this accepts all inbound traffic on the public interface
iptables -A INPUT -i $WAN -j ACCEPT

iptables -A FORWARD -i lo -j ACCEPT
iptables -A FORWARD -i $LAN -j ACCEPT
iptables -A FORWARD -i $LAN -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $WAN -m state --state ESTABLISHED,RELATED -j ACCEPT

# Internal LAN may be forwarded in both directions
iptables -A FORWARD -s 192.9.200.0/255.255.255.0 -j ACCEPT
iptables -A FORWARD -d 192.9.200.0/255.255.255.0 -j ACCEPT

iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

Client side Cisco ASA device

Code:
Provided details:

BD gateway IP is 212.2.7.15 [ public IP ]
Source IP: 192.168.91.224
ESP-3DES-SHA1
Lifetime is 86400 seconds (Phase 1) and 3600 seconds (Phase 2)
Authentication is pre-shared

I need advice on configuring ipsec.conf and ipsec.secrets, and on what iptables rules I need to add or modify.

Thanks

Best
Ashok
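The following is an added example, not the poster's files and not an answer from the thread: an Openswan ipsec.conf and ipsec.secrets built from the parameters the post gives (local 182.2.29.10 with gateway 182.2.29.1 and LAN 192.9.200.0/24, peer 212.2.7.15, ESP-3DES-SHA1, PSK, 86400 s / 3600 s lifetimes), plus the iptables rules that the posted ruleset lacks for IPsec. Everything not stated in the post is an assumption and is marked as such in the comments: the remote "Source IP" is treated as the single host 192.168.91.224/32, the IKE DH group is modp1024 with no PFS (both must be confirmed against the ASA), the connection name `client-asa`, the function names `write_openswan_config` and `add_ipsec_firewall_rules`, the `OUT_DIR` and `IPT` variables, and the PSK placeholder.

```shell
#!/bin/sh
# Added example (not the original poster's configuration): Openswan site-to-site
# tunnel to a Cisco ASA plus the matching iptables rules. Addresses and crypto
# parameters come from the post; anything marked ASSUMPTION is not.
set -eu

LOCAL_PUBLIC=182.2.29.10      # eth0 of the Linux gateway (from the post)
LOCAL_GW=182.2.29.1           # next hop of the Linux gateway (from the post)
LOCAL_LAN=192.9.200.0/24      # subnet behind eth1 (from the post)
REMOTE_PUBLIC=212.2.7.15      # ASA outside address (from the post)
REMOTE_LAN=192.168.91.224/32  # ASSUMPTION: the post's "Source IP" is one host
PSK="REPLACE-WITH-THE-SHARED-SECRET"   # placeholder, never a real value here
WAN=eth0
OUT_DIR="${OUT_DIR:-/etc}"    # point at a temp dir to render without root
IPT="${IPT:-iptables}"        # set IPT=echo to print the rules instead

write_openswan_config() {
    # Phase 1 (IKE) and Phase 2 (ESP) mirror what the ASA side specified:
    # 3DES/SHA1, pre-shared key, 86400 s / 3600 s lifetimes. 3DES appears only
    # because the peer requires it; negotiate AES with the ASA admin if possible.
    # ASSUMPTION: DH group modp1024 and pfs=no; confirm both on the ASA.
    cat > "$OUT_DIR/ipsec.conf" <<EOF
config setup
    protostack=netkey
    nat_traversal=yes
    oe=off
    interfaces=%defaultroute

conn client-asa
    type=tunnel
    authby=secret
    auto=start
    left=$LOCAL_PUBLIC
    leftsubnet=$LOCAL_LAN
    leftnexthop=$LOCAL_GW
    right=$REMOTE_PUBLIC
    rightsubnet=$REMOTE_LAN
    ike=3des-sha1;modp1024
    phase2=esp
    phase2alg=3des-sha1
    ikelifetime=86400s
    salifetime=3600s
    pfs=no
    keyexchange=ike
EOF
    # Secrets file format is "<local> <remote> : PSK <secret>"; the subshell
    # umask makes the file readable by root only without changing the caller.
    ( umask 077; cat > "$OUT_DIR/ipsec.secrets" <<EOF
$LOCAL_PUBLIC $REMOTE_PUBLIC : PSK "$PSK"
EOF
    )
}

add_ipsec_firewall_rules() {
    # Accept IKE (UDP 500), NAT-T (UDP 4500) and ESP from the peer only.
    $IPT -A INPUT -i "$WAN" -s "$REMOTE_PUBLIC" -p udp --dport 500  -j ACCEPT
    $IPT -A INPUT -i "$WAN" -s "$REMOTE_PUBLIC" -p udp --dport 4500 -j ACCEPT
    $IPT -A INPUT -i "$WAN" -s "$REMOTE_PUBLIC" -p esp -j ACCEPT
    # NAT exemption: tunnel traffic must keep its private source address, so
    # this rule is inserted ahead of the existing SNAT rule in POSTROUTING.
    $IPT -t nat -I POSTROUTING 1 -s "$LOCAL_LAN" -d "$REMOTE_LAN" -j ACCEPT
    # Only the two tunnel subnets are forwarded to each other.
    $IPT -A FORWARD -s "$LOCAL_LAN" -d "$REMOTE_LAN" -j ACCEPT
    $IPT -A FORWARD -s "$REMOTE_LAN" -d "$LOCAL_LAN" -j ACCEPT
}

# Usage as root: sh this_script.sh apply; then "service ipsec restart" and
# "ipsec auto --status" to see whether the SA with 212.2.7.15 came up.
if [ "${1:-}" = "apply" ]; then
    write_openswan_config
    add_ipsec_firewall_rules
fi
```

The INPUT rules are restricted to the peer's address on purpose: the posted ruleset already accepts everything on eth0, and tightening that to the IKE/ESP ports from 212.2.7.15 is the first thing to fix once the tunnel works. The NAT exemption is the rule most often forgotten in this setup; without it the SNAT rule rewrites LAN sources to 182.2.29.10 before the kernel matches the IPsec policy and nothing enters the tunnel.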
 
