Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Best tool to monitor VPN IPSEC Tunneling
Special Forums IP Networking Best tool to monitor VPN IPSEC Tunneling Post 302930518 by DGPickett on Monday 5th of January 2015 08:32:25 AM
Old 01-05-2015
Maybe you can option it for more retries, longer wait so the IPSEC tunnel is more robust?
 

9 More Discussions You Might Find Interesting

1. Cybersecurity

IPSec - VPN using shared key

Hello! I have some trouble trying to configure a VPN with two gateways. One of them uses IPSec with a single key, 256bits length, specified in /etc/ipsec.secrets. As FreeSwan manual page says, if i put esp=3des-md5-96, will be used a "64bit IV key (internally generated), a 192bit 3des ekey and a... (3 Replies)
Discussion started by: eNTer
3 Replies

2. UNIX for Dummies Questions & Answers

Tool to monitor user activity

Hello, Does any one knows any tools or method to monitor users all activities on Solaris 8, including command and its result. Similar to 'script' ??? Thanks nana (3 Replies)
Discussion started by: nana
3 Replies

3. UNIX for Advanced & Expert Users

Tunneling

Hello, I am within a LAN system and I need to be able to tunnel out (and recv UDP) packets. Currently the router automatically drops UDP packets. My PC cant see the outside world, nor ping, but it can connect via SSH to a server on the "edge" of the network which can see everything. I... (2 Replies)
Discussion started by: ErNci
2 Replies

4. Solaris

ssh tunneling

Hi, I have tried the following: on PC1 (win xp) I have created ssh connection with port forwarding (local 8888 to remote 8888) to server1. >From server1 I have created another ssh connection with port forwarding to server2(local 8888 to remote 1521). When I try to connect to oracle... (3 Replies)
Discussion started by: goran00
3 Replies

5. UNIX for Advanced & Expert Users

tool to monitor throughput

Was wonder if there was a tool or program I could run to measure throughput on our CentoS 4.x server. Our current dedicated host provider is charging us by how much throughput we are using and I just want to see if their numbers add up to whatever I get using a throughput tool of some kind. ... (6 Replies)
Discussion started by: mcraul
6 Replies

6. AIX

Tool to monitor the performance of the system ..

Dear experts , Pls advice for any good Tool to monitor the CPU and performance of AIX the system .. to keep monitoring to show me the utilization of that system .. (12 Replies)
Discussion started by: Mr.AIX
12 Replies

7. IP Networking

IPSec VPN Routing

Hello, I'm trying to setup a gateway VPN between two routers across an unsecured network between two local networks. The routers are both linux and I'm using the ipsec tools, racoon and setkey. So far hosts from either local net can successfully ping hosts on the other local net without issue. ... (0 Replies)
Discussion started by: salukibob
0 Replies

8. IP Networking

VPN IPSec Openswan

Hi all, I have installed Openswan and configured IPSec and works perfect, but for some unknown reasons it stop working. I see that the tunnels are up and established. The route to the destination are added. Everything by the book seems to be ok. But somehow when i start to ping the other side (... (4 Replies)
Discussion started by: ivancd
4 Replies

9. IP Networking

IPSec Openswan Site to Site VPN - Big Pain

Hi @all, I try to connect 2 LANs with IPSec/Openswan LAN 1: 192.168.0.0/24 LAN 2: 192.168.1.0/24 This is my Config: conn HomeVPN # # Left security gateway, subnet behind it, nexthop toward right. left=192.168.1.29 ... (1 Reply)
Discussion started by: bahnhasser83
1 Replies

LEARN ABOUT DEBIAN

ipsec_spigrp

IPSEC_SPIGRP(5) 						  [FIXME: manual]						   IPSEC_SPIGRP(5)

NAME

       ipsec_spigrp - list IPSEC Security Association groupings

SYNOPSIS

       ipsec spigrp
	     cat/proc/net/ipsec_spigrp

OBSOLETE

       Note that spigrp is only supported on the classic KLIPS stack. It is not supported on any other stack and will be completely removed in
       future versions. A replacement command still needs to be designed

DESCRIPTION

       /proc/net/ipsec_spigrp is a read-only file that lists groups of IPSEC Security Associations (SAs).

       An entry in the IPSEC extended routing table can only point (via an SAID) to one SA. If more than one transform must be applied to a given
       type of packet, this can be accomplished by setting up several SAs with the same destination address but potentially different SPIs and
       protocols, and grouping them with ipsec_spigrp(8).

       The SA groups are listed, one line per connection/group, as a sequence of SAs to be applied (or that should have been applied, in the case
       of an incoming packet) from inside to outside the packet. An SA is identified by its SAID, which consists of protocol ("ah", "esp", "comp"
       or "tun"), SPI (with '.' for IPv4 or ':' for IPv6 prefixed hexadecimal number ) and destination address (IPv4 dotted quad or IPv6 coloned
       hex) prefixed by '@', in the format <proto><af><spi>@<dest>.

EXAMPLES

       tun.3d0@192.168.2.110
	   comp.3d0@192.168.2.110 esp.187a101b@192.168.2.110 ah.187a101a@192.168.2.110

       is a group of 3 SAs, destined for 192.168.2.110 with an IPv4-in-IPv4 tunnel SA applied first with an SPI of 3d0 in hexadecimal, followed by
       a Deflate compression header to compress the packet with CPI of 3d0 in hexadecimal, followed by an Encapsulating Security Payload header to
       encrypt the packet with SPI 187a101b in hexadecimal, followed by an Authentication Header to authenticate the packet with SPI 187a101a in
       hexadecimal, applied from inside to outside the packet. This could be an incoming or outgoing group, depending on the address of the local
       machine.

       tun:3d0@3049:1::2
	   comp:3d0@3049:1::2 esp:187a101b@3049:1::2 ah:187a101a@3049:1::2

       is a group of 3 SAs, destined for 3049:1::2 with an IPv6-in-IPv6 tunnel SA applied first with an SPI of 3d0 in hexadecimal, followed by a
       Deflate compression header to compress the packet with CPI of 3d0 in hexadecimal, followed by an Encapsulating Security Payload header to
       encrypt the packet with SPI 187a101b in hexadecimal, followed by an Authentication Header to authenticate the packet with SPI 187a101a in
       hexadecimal, applied from inside to outside the packet. This could be an incoming or outgoing group, depending on the address of the local
       machine.

FILES

       /proc/net/ipsec_spigrp, /usr/local/bin/ipsec

SEE ALSO

       ipsec(8), ipsec_manual(8), ipsec_tncfg(5), ipsec_eroute(5), ipsec_spi(5), ipsec_klipsdebug(5), ipsec_spigrp(8), ipsec_version(5),
       ipsec_pf_key(5)

HISTORY

       Written for the Linux FreeS/WAN project <http://www.freeswan.org/> by Richard Guy Briggs.

BUGS

       :-)

[FIXME: source] 						    10/06/2010							   IPSEC_SPIGRP(5)
All times are GMT -4. The time now is 09:53 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy