|
|
Sponsored Content
Special Forums
Cybersecurity
IPSec - VPN using shared key
Post 34240 by Neo on Tuesday 11th of February 2003 10:08:56 AM
|
|
8 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I'm facing a problem interpreting the shared memory key on an AIX machine.
(1) I go to a property file and I see the following:
shm_key = "119112066"
(2) So I now go the command prompt and do this:
ipcs -m | grep 119112066
And, I do not find it. So what I do is to run the... (2 Replies)
Discussion started by: vijaygade
2 Replies
2. IP Networking
Hello,
I'm trying to setup a gateway VPN between two routers across an unsecured network between two local networks. The routers are both linux and I'm using the ipsec tools, racoon and setkey. So far hosts from either local net can successfully ping hosts on the other local net without issue.
... (0 Replies)
Discussion started by: salukibob
0 Replies
3. Solaris
Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks.
... (1 Reply)
Discussion started by: aixlover
1 Replies
4. Cybersecurity
hello,
after configuration ipsec in ip4 I can not ping between client and server whereas I had success ping before configuration!
I also generate different key for AH and ESP as i have shown below.
what is my problem and what should i do to have ping and test the configuration?
code:
... (0 Replies)
Discussion started by: elinaz
0 Replies
5. Programming
Hello.
I am new to this forum and I would like to ask for advice about low level POSIX programming.
I have to implement a POSIX compliant C shared library.
A file will have some variables and the shared library will have some functions which need those variables.
There is one special... (5 Replies)
Discussion started by: iamjag
5 Replies
6. IP Networking
Hi all,
I have installed Openswan and configured IPSec and works perfect, but for some unknown reasons it stop working. I see that the tunnels are up and established. The route to the destination are added. Everything by the book seems to be ok. But somehow when i start to ping the other side (... (4 Replies)
Discussion started by: ivancd
4 Replies
7. IP Networking
Hi @all,
I try to connect 2 LANs with IPSec/Openswan
LAN 1: 192.168.0.0/24
LAN 2: 192.168.1.0/24
This is my Config:
conn HomeVPN # # Left security gateway, subnet behind it, nexthop toward right. left=192.168.1.29 ... (1 Reply)
Discussion started by: bahnhasser83
1 Replies
8. IP Networking
We are using cyberoam device, VPN IPSEC tunnel is going of frequently even the traffic is throug.
Please suggest what may be the cause for the above mentioned issue.
Also suggest a best tool to monitor the same VPN IPSEC tunnel connectivity. (4 Replies)
Discussion started by: marunmeera
4 Replies
LEARN ABOUT SUNOS
ike.preshared
ike.preshared(4) File Formats ike.preshared(4) NAME
ike.preshared - pre-shared keys file for IKE SYNOPSIS
/etc/inet/secret/ike.preshared DESCRIPTION
The /etc/inet/secret/ike.preshared file contains secret keying material that two IKE instances can use to authenticate each other. Because of the sensitive nature of this data, it is kept in the /etc/inet/secret directory, which is only accessible by root. Pre-shared keys are delimited by open-curly-brace ({) and close-curly-brace (}) characters. There are five name-value pairs required inside a pre-shared key: Name Value Example localidtype IP localidtype IP remoteidtype IP remoteidtype IP localid IP-address localid 10.1.1.2 remoteid IP-address remoteid 10.1.1.3 key hex-string 1234567890abcdef Comment lines with # appearing in the first column are also legal. Files in this format can also be used by the ikeadm(1M) command to load additional pre-shared keys into a running an in.iked(1M) process. EXAMPLES
Example 1: A Sample ike.preshared File The following is an example of an ike.preshared file: # # Two pre-shared keys between myself, 10.1.1.2, and two remote # hosts. Note that names are not allowed for IP addresses. # # A decent hex string can be obtained by performing: # od -x </dev/random | head # { localidtype IP localid 10.1.1.2 remoteidtype IP remoteid 10.21.12.4 key 4b656265207761732068657265210c0a } { localidtype IP localid 10.1.1.2 remoteidtype IP remoteid 10.9.1.25 key 536f20776572652042696c6c2c2052656e65652c20616e642043687269732e0a } SECURITY
If this file is compromised, all IPsec security associations derived from secrets in this file will be compromised as well. The default permissions on ike.preshared are 0600. They should stay this way. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWcsr | +-----------------------------+-----------------------------+ SEE ALSO
od(1), ikeadm(1M), in.iked(1M), ipseckey(1M), attributes(5), random(7D) SunOS 5.10 15 Oct 2001 ike.preshared(4)