Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: IPSec - VPN using shared key
Special Forums Cybersecurity IPSec - VPN using shared key Post 34114 by Neo on Tuesday 4th of February 2003 02:38:30 PM
Old 02-04-2003
You don't need to 'split the key'... the key (shared secret) is symmetric, not asymmetric. You simply use the same (shared secret) key on both ends of the IPSEC VPN tunnel.

Each end will use the (shared secret) key to generate a session key.
 

8 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

How to interpret the shared memory key

I'm facing a problem interpreting the shared memory key on an AIX machine. (1) I go to a property file and I see the following: shm_key = "119112066" (2) So I now go the command prompt and do this: ipcs -m | grep 119112066 And, I do not find it. So what I do is to run the... (2 Replies)
Discussion started by: vijaygade
2 Replies

2. IP Networking

IPSec VPN Routing

Hello, I'm trying to setup a gateway VPN between two routers across an unsecured network between two local networks. The routers are both linux and I'm using the ipsec tools, racoon and setkey. So far hosts from either local net can successfully ping hosts on the other local net without issue. ... (0 Replies)
Discussion started by: salukibob
0 Replies

3. Solaris

Solaris 8 ssh public key authentication issue - Server refused our key

Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks. ... (1 Reply)
Discussion started by: aixlover
1 Replies

4. Cybersecurity

IPSEC

hello, after configuration ipsec in ip4 I can not ping between client and server whereas I had success ping before configuration! I also generate different key for AH and ESP as i have shown below. what is my problem and what should i do to have ping and test the configuration? code: ... (0 Replies)
Discussion started by: elinaz
0 Replies

5. Programming

Shared library with acces to shared memory.

Hello. I am new to this forum and I would like to ask for advice about low level POSIX programming. I have to implement a POSIX compliant C shared library. A file will have some variables and the shared library will have some functions which need those variables. There is one special... (5 Replies)
Discussion started by: iamjag
5 Replies

6. IP Networking

VPN IPSec Openswan

Hi all, I have installed Openswan and configured IPSec and works perfect, but for some unknown reasons it stop working. I see that the tunnels are up and established. The route to the destination are added. Everything by the book seems to be ok. But somehow when i start to ping the other side (... (4 Replies)
Discussion started by: ivancd
4 Replies

7. IP Networking

IPSec Openswan Site to Site VPN - Big Pain

Hi @all, I try to connect 2 LANs with IPSec/Openswan LAN 1: 192.168.0.0/24 LAN 2: 192.168.1.0/24 This is my Config: conn HomeVPN # # Left security gateway, subnet behind it, nexthop toward right. left=192.168.1.29 ... (1 Reply)
Discussion started by: bahnhasser83
1 Replies

8. IP Networking

Best tool to monitor VPN IPSEC Tunneling

We are using cyberoam device, VPN IPSEC tunnel is going of frequently even the traffic is throug. Please suggest what may be the cause for the above mentioned issue. Also suggest a best tool to monitor the same VPN IPSEC tunnel connectivity. (4 Replies)
Discussion started by: marunmeera
4 Replies

LEARN ABOUT OSX

racoon

RACOON(8)						    BSD System Manager's Manual 						 RACOON(8)

NAME

     racoon -- IKE (ISAKMP/Oakley) key management daemon

SYNOPSIS

     racoon [-46BdFLv] [-f configfile] [-l logfile]

DESCRIPTION

     racoon is used to setup and maintain an IPSec tunnel or transport channel, between two devices, over which network traffic is conveyed
     securely.	This security is made possible by cryptographic keys and operations on both devices.  racoon relies on a standardized network pro-
     tocol (IKE) to automatically negotiate and manage the cryptographic keys (e.g. security associations) that are necessary for the IPSec tunnel
     or transport channel to function.	racoon speaks the IKE (ISAKMP/Oakley) key management protocol, to establish security associations with
     other hosts.  The SPD (Security Policy Database) in the kernel usually triggers racoon.  racoon usually sends all informational messages,
     warnings and error messages to syslogd(8) with the facility LOG_DAEMON and the priority LOG_INFO.	Debugging messages are sent with the pri-
     ority LOG_DEBUG.  You should configure syslog.conf(5) appropriately to see these messages.

     -4

     -6      Specify the default address family for the sockets.

     -B      Install SA(s) from the file which is specified in racoon.conf(5).

     -d      Increase the debug level.	Multiple -d arguments will increase the debug level even more.

     -F      Run racoon in the foreground.

     -f configfile
	     Use configfile as the configuration file instead of the default.

     -L      Include file_name:line_number:function_name in all messages.

     -l logfile
	     Use logfile as the logging file instead of syslogd(8).

     -v      This flag causes the packet dump be more verbose, with higher debugging level.

     racoon assumes the presence of the kernel random number device rnd(4) at /dev/urandom.

RETURN VALUES

     The command exits with 0 on success, and non-zero on errors.

FILES

     /private/etc/racoon/racoon.conf	   default configuration file.
     /private/etc/racoon/psk.txt	   default pre-shared key file.

SEE ALSO

     ipsec(4), racoon.conf(5), syslog.conf(5), setkey(8), syslogd(8)

HISTORY

     The racoon command first appeared in the ``YIPS'' Yokogawa IPsec implementation.

SECURITY CONSIDERATIONS

     The use of IKE phase 1 aggressive mode is not recommended, as described in http://www.kb.cert.org/vuls/id/886601.

BSD
								 November 20, 2000							       BSD
All times are GMT -4. The time now is 06:52 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy