IPSEC


 
Thread Tools Search this Thread
Special Forums Cybersecurity IPSEC
# 1  
Old 03-26-2012
IPSEC

hello,
after configuration ipsec in ip4 I can not ping between client and server whereas I had success ping before configuration!
I also generate different key for AH and ESP as i have shown below.
what is my problem and what should i do to have ping and test the configuration?


code:
Code:
"# Configuration for (client)129.241.208.75  # Flush the SAD and SPD flush; spdflush;  
# Attention: Use this keys only for testing purposes! 
# Generate your own keys!  
# AH SAs using 128 bit long keys add 129.241.208.75 129.241.208.230 ah 0x200 -A hmac-md5         0xb3c37ea2137625efe089a666765d2097; add 129.241.208.230 129.241.208.75 ah 0x300 -A hmac-md5         0xb885cef75052fd4bdd01220cf0930a2f;  
# ESP SAs using 192 bit long keys (168 + 24 parity) add 129.241.208.75 129.241.208.230 esp 0x201 -E 3des-cbc         0xb0ed5648c7e39109a6017189c4f10ab88fd9b303114ef06c; add 129.241.208.230 129.241.208.75 esp 0x301 -E 3des-cbc         0xbde43d633d7be9cf04955f5cfc06490e95d6947d398e3fd6;  
# Security policies spdadd 129.241.208.75 129.241.208.230 any -P out ipsec            esp/transport//require            ah/transport//require;  spdadd 129.241.208.230 129.241.208.75 any -P in ipsec            esp/transport//require            ah/transport//require;

Moderator's Comments:
Mod Comment code tags for code, please.

Last edited by Corona688; 03-26-2012 at 12:34 PM..
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

What's wrong with my ipsec configuration?

I want a lan encrypted with ipsec. This is my /etc/inet/ike/config p1_xform { auth_method preshared oakley_group 5 auth_alg sha256 encr_alg aes } p2_pfs 2 this is my /etc/inet/secret/ike.preshared # ike.preshared on hostA, 192.168.0.21 #... { localidtype IP localid... (1 Reply)
Discussion started by: Linusolaradm1
1 Replies

2. IP Networking

VPN IPSec Openswan

Hi all, I have installed Openswan and configured IPSec and works perfect, but for some unknown reasons it stop working. I see that the tunnels are up and established. The route to the destination are added. Everything by the book seems to be ok. But somehow when i start to ping the other side (... (4 Replies)
Discussion started by: ivancd
4 Replies

3. AIX

Allow port range using IPsec?

Hi Guys, Please could you tell me if it is possible to have a single rule/filter to allow a certain port range instead of a separate rule for each port? I'm sure it must be possible but I am unable to find the syntax. Thanks Chris (4 Replies)
Discussion started by: chrisstevens
4 Replies

4. UNIX for Advanced & Expert Users

Ipsec implementation

How can i implement Ipsec between two machines in linux_ ubuntu? any link?? suggestion?? (0 Replies)
Discussion started by: elinaz
0 Replies

5. BSD

Problem on IPSec

Hi, this is my first post...:p Hello Admin :) Can I have an ask for something with my configuration ? I have finished some kind of the tutorial to build ipsec site to site, and the "step" has finished completely. I have a simulation with a local design topology with two PC's (FreeBSD ... (0 Replies)
Discussion started by: aulia
0 Replies

6. Red Hat

ipsec policy not working

Hi, I am trying to set a policy between 2 machines for all the ports except for 22 i.e. for tcp - basically I want to bypass ssh. But my policy doesn't seem to work. Here are the entries spdadd 1.2.3.4 4.3.2.1 any -P out prio 100 ipsec esp/transport//require ah/transport//require; spdadd... (0 Replies)
Discussion started by: ahamed101
0 Replies

7. IP Networking

IPSec VPN Routing

Hello, I'm trying to setup a gateway VPN between two routers across an unsecured network between two local networks. The routers are both linux and I'm using the ipsec tools, racoon and setkey. So far hosts from either local net can successfully ping hosts on the other local net without issue. ... (0 Replies)
Discussion started by: salukibob
0 Replies

8. Cybersecurity

Problem while establishing ISAKMP in ipsec

Hi, I am facing problem while setting up ISAKMP between two hosts. I can see only the Initiator messages but no responder messages in tcpdump. Does anyone know the cause of this behaviour? FYI, here is the extracted information from tcpdump : 14:47:08.699113 IP 10.118.231.143.isakmp >... (0 Replies)
Discussion started by: universalTechie
0 Replies

9. Solaris

Solaris 10 IPSec peformance

Hi, does anyone have an experience how many IPSec tunnels Solaris 10 is able manage. A rough estimation would be great. I know it's hardly dependent on the hardware used, so if anyone says on a 490 with 2 CPUs and 4GB RAM a maximum of 1000 IPSec tunnels is possible, that would be great. I... (1 Reply)
Discussion started by: blombo
1 Replies

10. Cybersecurity

IPSec - VPN using shared key

Hello! I have some trouble trying to configure a VPN with two gateways. One of them uses IPSec with a single key, 256bits length, specified in /etc/ipsec.secrets. As FreeSwan manual page says, if i put esp=3des-md5-96, will be used a "64bit IV key (internally generated), a 192bit 3des ekey and a... (3 Replies)
Discussion started by: eNTer
3 Replies
Login or Register to Ask a Question

Featured Tech Videos