Full Discussion: VPN IPSec Openswan
VPN IPSec Openswan, post 302912929 by ivancd on Tuesday 12th of August 2014 06:29:11 PM
Hey, thanks for the reply,

Sorry, I didn't see that I have mails, formatting my PC etc. ... About the situation: now everything is under control. I see that there is some route in the Windows machines, so now everything is fine and works perfectly ...
Thanks again for helping, and sorry for the delay!
 

ipsec_config(1M)

NAME
ipsec_config - add, delete, export, and show HP-UX IPSec configuration objects in the HP-UX IPSec configuration database

SYNOPSIS
[operation [object_type]]

DESCRIPTION
The command adds, deletes, exports, and shows HP-UX IPSec configuration objects in the HP-UX IPSec configuration database. If HP-UX IPSec is active and running, also updates the HP-UX runtime IPSec policy database and runtime IKE information (IKE policies and authentication records). You must be superuser to run

The utility can operate in command-line mode or batch mode. In command-line mode, reads all input from the command line. In batch mode, reads add and delete operations from a file. Batch mode allows administrators to add and delete multiple configuration objects in one operation. HP-UX IPSec processes the operations in a batch file as a group. Batch mode is useful if you are adding or deleting configuration records that may affect other records.

HP recommends that you use a batch file to add configuration information. A batch file provides a permanent record of the configuration data and can be used to re-create the configuration database.

Separate command arguments using whitespace (blanks, tabs or newlines). Use a backslash line continuation character to continue command input on subsequent lines.

Operations and Object Types
The command supports the following operations:
See ipsec_config_add(1M) for more information.
See ipsec_config_batch(1M) for more information.
See ipsec_config_delete(1M) for more information.
See ipsec_config_export(1M) for more information.
See ipsec_config_show(1M) for more information.

object_type can be one of the following:
Authentication records, which specify Internet Key Exchange (IKE) versions, authentication methods, identity information and preshared keys.
Bypass addresses.
security certificate for a Certificate Authority (used for IKE authentication with RSA signatures).
Certificate Revocation List (CRL). A CRL contains a list of revoked X.509 security certificates. If you have a CRL, HP-UX IPSec checks it during the IKE authentication process to verify that the remote system's security certificate is valid (not revoked).
Certificate Signing Request (CSR), which the HP-UX IPSec administrator can submit to a Certificate Authority (CA) to request a signed X.509 security certificate.
Host IPsec policies, which specify HP-UX IPSec behavior for processing IP packets when the local system is an end host.
IKE version 1 (IKEv1) policies.
IKE version 2 (IKEv2) policies.
security certificate for the local system (used for IKE authentication with RSA signatures).
Start-up options.
Tunnel IPsec policies, which specify IPsec tunnel transform parameters.

Configuring Objects
In most HP-UX IPSec topologies, you must configure the following objects:
o Host IPsec policies
o Authentication records (IKE ID information and preshared keys)

To establish IPsec security, you must also have an IKE version 1 (IKEv1) or IKE version 2 (IKEv2) policy. The HP-UX IPSec product installs a default IKEv1 policy and a default IKEv2 policy. You can use these default policies without modifications in many topologies.

HP recommends that you use the following procedure to configure HP-UX IPSec:

1. Create a batch file to configure IPsec policies and authentication records. An IKEv1 or IKEv2 policy is also required, but in most cases you can use the default IKEv1 or IKEv2 installed with the product. If you want to configure host-to-host IPsec policies and use IKE with preshared keys for IKE authentication, create a batch file to contain the following statements: See the command subsection in ipsec_config_add(1M) for syntax and usage information. If you are using HP-UX IPSec with certificates (RSA signatures) for IKE authentication, you must also use the following commands to configure certificates: You must enter the above commands at the command-line prompt. (You cannot specify them in a batch file). The command creates a certificate signing request (CSR). As an alternative, you can use a utility provided by the certificate vendor to create the CSR.

2. Test the syntax of your batch file by entering the following command: The option verifies the syntax without adding objects to the database.

3. If the syntax is correct, add the configuration information to the configuration database by entering the following command:

4. Start and verify HP-UX IPSec. Use the following command to start HP-UX IPSec: Generate network traffic that uses IPsec. Use the following command to verify operation: Verify that HP-UX IPSec has created Security Associations (SAs) with the appropriate systems.

5. Use the command to configure HP-UX IPSec to automatically start at system boot-up time.

ipsec_config Help
The displays help and usage information for the HP-UX IPSec operations. Use the following syntax to access help: [operation [option_type]]

EXAMPLES
You have two systems, Apple and Banana. Apple and Banana are not multihomed. You want to secure all telnet packets between the two systems using IPsec ESP with AES, authenticated with SHA-1. The IKE version is IKEv1. This is a private network, and you will allow all other packets to pass in clear text. You use the default IKEv1 policy.

On Apple, you configure:
o Two host IPsec policies
o One authentication record

The first host IPsec policy, telnetAB, secures outbound telnet connections (Apple is the telnet client). You do not need to specify the source argument, since it will default to any IP address and any port, and the telnet client port number is dynamically allocated. The second policy, telnetBA, secures inbound telnet connections (Apple is the telnet server). The authentication record specifies the preshared key value used with (Banana):

The configuration on Banana is the mirror image of the configuration on Apple:

AUTHOR
was developed by HP.

FILES
configuration database.
default profile file.

SEE ALSO
ipsec_admin(1M), ipsec_config_add(1M), ipsec_config_batch(1M), ipsec_config_delete(1M), ipsec_config_export(1M), ipsec_config_show(1M), ipsec_migrate(1M), ipsec_policy(1M), ipsec_report(1M).

HP-UX IPSec Software Required ipsec_config(1M)