Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: VPN IPSec Openswan
Special Forums IP Networking VPN IPSec Openswan Post 302909177 by ivancd on Tuesday 15th of July 2014 06:11:24 AM
Old 07-15-2014
VPN IPSec Openswan
Hi all,

I have installed Openswan and configured IPSec and works perfect, but for some unknown reasons it stop working. I see that the tunnels are up and established. The route to the destination are added. Everything by the book seems to be ok. But somehow when i start to ping the other side ( private ip ) the packet for that tunnel trying to go out from the interface that have public ip. And for the other tunnel they are not going anyway. All this is on a linux machine CentOS, with eth0 - public ip address, eth0:0 and eth0:1 are private for the tunnels. Can someone help me out here because i need this thing to work ( it's a production ) and i have lost a whole week.

Thanks in advanced !
 

9 More Discussions You Might Find Interesting

1. Cybersecurity

IPSec - VPN using shared key

Hello! I have some trouble trying to configure a VPN with two gateways. One of them uses IPSec with a single key, 256bits length, specified in /etc/ipsec.secrets. As FreeSwan manual page says, if i put esp=3des-md5-96, will be used a "64bit IV key (internally generated), a 192bit 3des ekey and a... (3 Replies)
Discussion started by: eNTer
3 Replies

2. IP Networking

IPSec VPN Routing

Hello, I'm trying to setup a gateway VPN between two routers across an unsecured network between two local networks. The routers are both linux and I'm using the ipsec tools, racoon and setkey. So far hosts from either local net can successfully ping hosts on the other local net without issue. ... (0 Replies)
Discussion started by: salukibob
0 Replies

3. BSD

Problem on IPSec

Hi, this is my first post...:p Hello Admin :) Can I have an ask for something with my configuration ? I have finished some kind of the tutorial to build ipsec site to site, and the "step" has finished completely. I have a simulation with a local design topology with two PC's (FreeBSD ... (0 Replies)
Discussion started by: aulia
0 Replies

4. UNIX for Advanced & Expert Users

Ipsec implementation

How can i implement Ipsec between two machines in linux_ ubuntu? any link?? suggestion?? (0 Replies)
Discussion started by: elinaz
0 Replies

5. Cybersecurity

IPSEC

hello, after configuration ipsec in ip4 I can not ping between client and server whereas I had success ping before configuration! I also generate different key for AH and ESP as i have shown below. what is my problem and what should i do to have ping and test the configuration? code: ... (0 Replies)
Discussion started by: elinaz
0 Replies

6. AIX

Allow port range using IPsec?

Hi Guys, Please could you tell me if it is possible to have a single rule/filter to allow a certain port range instead of a separate rule for each port? I'm sure it must be possible but I am unable to find the syntax. Thanks Chris (4 Replies)
Discussion started by: chrisstevens
4 Replies

7. IP Networking

IPSec Openswan Site to Site VPN - Big Pain

Hi @all, I try to connect 2 LANs with IPSec/Openswan LAN 1: 192.168.0.0/24 LAN 2: 192.168.1.0/24 This is my Config: conn HomeVPN # # Left security gateway, subnet behind it, nexthop toward right. left=192.168.1.29 ... (1 Reply)
Discussion started by: bahnhasser83
1 Replies

8. IP Networking

Openswan with Cisco ASA

Hi all, I need this as soon as possible to solve it or at least to find out what is the problem. I have configured IPSec tunnels with Openswan and Cisco ASA, i have established a connection and the ping was fine, but after some time there is request time out from both sites. I don't have ASA... (0 Replies)
Discussion started by: ivancd
0 Replies

9. IP Networking

Best tool to monitor VPN IPSEC Tunneling

We are using cyberoam device, VPN IPSEC tunnel is going of frequently even the traffic is throug. Please suggest what may be the cause for the above mentioned issue. Also suggest a best tool to monitor the same VPN IPSEC tunnel connectivity. (4 Replies)
Discussion started by: marunmeera
4 Replies

LEARN ABOUT HPUX

ipsec_migrate

ipsec_migrate(1M)														 ipsec_migrate(1M)

NAME

       ipsec_migrate - HP-UX IPSec configuration file migration tool

SYNOPSIS


DESCRIPTION

       is a utility for migrating HP-UX IPSec configuration files to the current version.  The utility stores backup copies of the following files
       in the directory before converting them:

       If the certificate data files and exist on the system, prompts for the HP-UX IPSec password and uses the password to decrypt  the  certifi-
       cate data files.  The utility then converts and stores the certificate data in new files under the directory.

       requires the optional HP-UX IPSec software.

   Migrating HP-UX IPSec version A.02.01 to version A.03.00
       The utility performs the following tasks when migrating configuration data from HP-UX IPSec version A.02.01 to version A.03.00:

		 o  Converts policies to policy objects.

		    The  utility  ignores the IKE authentication value in policies.  IKEv1 policies do not include a value for the IKE authentica-
		    tion method.  The IKE authentication method is specified in authentication records using the and arguments.

		    The converts the value to a value for perfect forward secrecy IKEv1 policies do not include a value for maximum  quick  modes.
		    If the value is 1, creates an policy with If the value is greater than 1, creates an IKEv1 policy with

		    Note: Do not enable IKEv1 PFS with a system using an HP-UX IPSec release prior to A.03.00.

		    The converts values in the hash field to IKE DES encryption is obsolete.

		 o  Adds  a  priority value to authentication records.	The utility sorts existing authentication records using the address prefix
		    length (longest to shortest).  The migration utility sets the priority for the first record  to  the  value  of  the  priority
		    parameter  value  in  the  AuthPolicy-Defaults  section of the HP-UX IPSec profile file; the default priority value is 10. The
		    utility increments the priority value for each subsequent record by the priority value.

		 o  Replaces DES transforms and nested transforms in host and tunnel policies with the default actions in the file. For host poli-
		    cies, the default action is For tunnel policies, the default action is the transform.

		 o  If	the and files exist, the extracts and converts the private key, local certificate, and CA certificate from these files and
		    stores them in new files under the directory.

		 o  If the file exists, creates a softlink to the file.  The file is a script that retrieves the CRL from an  LDAP  directory  and
		    can be executed from a cron job.

RETURN VALUE

       Upon successful completion, returns 0; otherwise it returns 1.

ERRORS

       fails if any of the following conditions is encountered:

	      o  Command used incorrectly - Usage message is returned.

	      o  The user is not the superuser.

	      o  The file specified in the option does not exist.

	      o  The file specified in the option is not a regular file.

	      o  The file specified in the option is not readable.

	      o  The file specified in the option is not an valid configuration file.

	      o  The file specified in the option exists.

	      o  The file is missing or corrupted.

	      o  Based on the information in cannot build a valid set of transformations to transform the file specified in the option to the file
		 specified in the option.

WARNINGS

       requires the optional HP-UX IPSec software.

AUTHOR

       was developed by HP.

FILES

       SEE ALSO
	      ipsec_config(1M),  ipsec_config_add(1M),	ipsec_config_batch(1M),   ipsec_config_delete(1M),   ipsec_config_export(1M),	ipsec_con-
	      fig_show(1M), ipsec_policy(1M), ipsec_report(1M).

							   HP-UX IPSec Software Required					 ipsec_migrate(1M)
All times are GMT -4. The time now is 11:47 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy