01-05-2015
Maybe you can option it for more retries, longer wait so the IPSEC tunnel is more robust?
9 More Discussions You Might Find Interesting
1. Cybersecurity
Hello! I have some trouble trying to configure a VPN with two gateways. One of them uses IPSec with a single key, 256bits length, specified in /etc/ipsec.secrets. As FreeSwan manual page says, if i put esp=3des-md5-96, will be used a "64bit IV key (internally generated), a 192bit 3des ekey and a... (3 Replies)
Discussion started by: eNTer
3 Replies
2. UNIX for Dummies Questions & Answers
Hello,
Does any one knows any tools or method to monitor users all activities on Solaris 8, including command and its result. Similar to 'script' ???
Thanks
nana (3 Replies)
Discussion started by: nana
3 Replies
3. UNIX for Advanced & Expert Users
Hello,
I am within a LAN system and I need to be able to tunnel out (and recv UDP) packets.
Currently the router automatically drops UDP packets.
My PC cant see the outside world, nor ping, but it can connect via SSH to a server on the "edge" of the network which can see everything. I... (2 Replies)
Discussion started by: ErNci
2 Replies
4. Solaris
Hi,
I have tried the following:
on PC1 (win xp) I have created ssh connection with port forwarding
(local 8888 to remote 8888) to server1.
>From server1 I have created another ssh connection with port
forwarding to server2(local 8888 to remote 1521).
When I try to connect to oracle... (3 Replies)
Discussion started by: goran00
3 Replies
5. UNIX for Advanced & Expert Users
Was wonder if there was a tool or program I could run to measure throughput on our CentoS 4.x server. Our current dedicated host provider is charging us by how much throughput we are using and I just want to see if their numbers add up to whatever I get using a throughput tool of some kind.
... (6 Replies)
Discussion started by: mcraul
6 Replies
6. AIX
Dear experts ,
Pls advice for any good Tool to monitor the CPU and performance of AIX the system ..
to keep monitoring to show me the utilization of that system .. (12 Replies)
Discussion started by: Mr.AIX
12 Replies
7. IP Networking
Hello,
I'm trying to setup a gateway VPN between two routers across an unsecured network between two local networks. The routers are both linux and I'm using the ipsec tools, racoon and setkey. So far hosts from either local net can successfully ping hosts on the other local net without issue.
... (0 Replies)
Discussion started by: salukibob
0 Replies
8. IP Networking
Hi all,
I have installed Openswan and configured IPSec and works perfect, but for some unknown reasons it stop working. I see that the tunnels are up and established. The route to the destination are added. Everything by the book seems to be ok. But somehow when i start to ping the other side (... (4 Replies)
Discussion started by: ivancd
4 Replies
9. IP Networking
Hi @all,
I try to connect 2 LANs with IPSec/Openswan
LAN 1: 192.168.0.0/24
LAN 2: 192.168.1.0/24
This is my Config:
conn HomeVPN # # Left security gateway, subnet behind it, nexthop toward right. left=192.168.1.29 ... (1 Reply)
Discussion started by: bahnhasser83
1 Replies
LEARN ABOUT DEBIAN
ipsec_klipsdebug
IPSEC_KLIPSDEBUG(5) [FIXME: manual] IPSEC_KLIPSDEBUG(5)
NAME
ipsec_klipsdebug - list KLIPS (kernel IPSEC support) debug features and level
SYNOPSIS
ipsec klipsdebug
cat/proc/net/ipsec_klipsdebug
DESCRIPTION
/proc/net/ipsec_klipsdebug lists flags that control various parts of the debugging output of KLIPS and MAST, two of the IPsec stacks
supported by Openswan. At this point it is a read-only file.
A table entry consists of:
+
a KLIPS debug variable
+
a '=' separator for visual and automated parsing between the variable name and its current value
+
hexadecimal bitmap of variable's flags.
The variable names roughly describe the scope of the debugging variable. Currently, no flags are documented or individually accessible yet
except tunnel-xmit.
The variable names are:
tunnel
tunnelling code
netlink
userspace communication code (obsolete)
xform
transform selection and manipulation code
eroute
eroute table manipulation code
spi
SA table manipulation code
radij
radij tree manipulation code
esp
encryptions transforms code
ah
authentication transforms code
rcv
receive code
ipcomp
ip compression transforms code
verbose
give even more information, beware this will probably trample the 4k kernel printk buffer giving inaccurate output
All KLIPS debug output appears as kernel.info messages to syslogd(8). Most systems are set up to log these messages to /var/log/messages.
EXAMPLES
debug_tunnel=00000010.
debug_netlink=00000000.
debug_xform=00000000.
debug_eroute=00000000.
debug_spi=00000000.
debug_radij=00000000.
debug_esp=00000000.
debug_ah=00000000.
debug_rcv=00000000.
debug_pfkey=ffffffff.
means that one tunnel flag has been set (tunnel-xmit), full pfkey sockets debugging has been set and everything else is not set.
FILES
/proc/net/ipsec_klipsdebug, /usr/local/bin/ipsec
SEE ALSO
ipsec(8), ipsec_manual(8), ipsec_tncfg(8), ipsec_eroute(8), ipsec_spi(8), ipsec_spigrp(8), ipsec_klipsdebug(5), ipsec_version(5),
ipsec_pf_key(5)
HISTORY
Written for the Linux FreeS/WAN project <http://www.freeswan.org/> by Richard Guy Briggs.
[FIXME: source] 10/06/2010 IPSEC_KLIPSDEBUG(5)