Login or Register to Ask a Question and Join Our Community


Linux

IPSec using racoon w/ kerberos authentication

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux IPSec using racoon w/ kerberos authentication
# 1  
Old 10-21-2008
IPSec using racoon w/ kerberos authentication
Hi,

Anyone can point me a good link to setup IPSec using racoon IKE which uses gssapi_krb authentication method?

I have a debain linux box and Windows 2003R2 system, and I want them to communicate using IPSec.

Thanks,
Emily.
Login or Register to Ask a Question

Previous Thread | Next Thread

7 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

PERL and Kerberos authentication

I am installing Authen::Krb5::Easy and during make test I am getting the follwing error : kinit not ok 2 error was: could not get initial credentials: Cannot contact any KDC for requested realm we are stroring krb5.conf in diff location ( not in /etc/krb5.conf) , but, PERL is... (1 Reply)
Discussion started by: talashil
1 Replies

2. Shell Programming and Scripting

How to automatically store/cache password for kerberos authentication

Hi All, I am currently writing script to get the details for lot of hosts from jump server. Means each and every time it will ssh to the host and get the information. To achieve that I need to automatically accept the password from Jump server to that main hosts. We are using kerberos password... (6 Replies)
Discussion started by: kamauv234
6 Replies

3. UNIX for Dummies Questions & Answers

Kerberos Authentication error

Hi , I am trying to authenticate my id on client server with Kerberos and receiving below error kinit rpagadala@BDC.soft.net kinit: Cannot contact any KDC for realm 'BDC.soft.net' while getting initial credentials Please find krb5.conf on the client server configuration which is... (1 Reply)
Discussion started by: Tomlight
1 Replies

4. AIX

SSH and kerberos authentication problem AIX 5.3

I've configured an AIX 5.3 client to use our Windows AD for user authentication via Kerberos. When I try to ssh to the server using the AD credentials, I eventually get access but not after getting prompted for a password 3 times (which doesn't work) followed by an accepted login on the 4th... (3 Replies)
Discussion started by: jmroderick
3 Replies

5. Red Hat

PAM configuration: Kerberos authentication and NIS authorization problem

Hi, I've configured two linux boxes to authenticate against Windows Active Directory using Kerberos while retrieving authorization data (uids, gids ,,,)from NIS. The problem I ran into with my PAM configuration is that all authentication attempts succeed in order.i.e. if someone tried his... (0 Replies)
Discussion started by: geek.ksa
0 Replies

6. Programming

Kerberos Authentication c/c++

I am in the process of developing a application that needs to be able to authenticate users details with a kerberos server, which is proving to be rather difficult. There seems to be a lack of good information on how to do this using the MIT kerberos api. Can anyone point me in the right... (0 Replies)
Discussion started by: mshindo
0 Replies

7. UNIX for Dummies Questions & Answers

Kerberos Authentication from Application

Hi, We've configured Kerberos to authenticate AIX 5.3 users with Active Directory and I now have to port an application written in C to the new security model. Currently, our users can login as normal and running a "klist" command reveals that they have been successfully granted a ticket. ... (2 Replies)
Discussion started by: phykell
2 Replies
Login or Register to Ask a Question

LEARN ABOUT HPUX

ipsec_policy

ipsec_policy(1M)														  ipsec_policy(1M)

NAME

       ipsec_policy -  HP-UX IPSec policy tester

SYNOPSIS

       src_ip_addr] dst_ip_addr] src_port] dst_port]

DESCRIPTION

       is  a  utility  program	that allows the HP-UX IPSec Administrator to query the active policy database to determine which host IPsec Policy
       will be used for an IP packet based on a packet descriptor, or 5-tuple, and the direction.  The packet descriptor consists of a	source	IP
       address,  source  port  number, destination IP address, destination port number, and network protocol.  If the host policy uses dynamic key
       Security Associations, also displays the authentication record and IKE policy selected.	If the authentication record contains  two  values
       for  the IKE (KMP) version, uses the first value and selects the IKE policy according to this value.  If the host policy uses a tunnel pol-
       icy, also displays the tunnel policy used.

       requires the optional HP-UX IPSec software.

       You must have superuser capabilities to run the utility.

   Command-Line Arguments
       recognizes the following command-line options and arguments:

	      Specifies the source IP address
		   (src_ip_addr) of the packet.  If the direction is out, this is the local IP address.  If the  direction  is	in,  this  is  the
		   remote IP address.

		   Acceptable values: An IPv4 address in dotted-decimal notation or an IPv6 address in colon-hexadecimal notation.

		   Default:  If  you omit the source address and destination address uses the wildcard IPv4 address If you omit the source address
		   but specify the destination address, uses the wildcard IPv4 address or wildcard IPv6  address  according  to  the  type  of	IP
		   address you specify for the destination address.

	      Specifies the source port number
		   (src_port)  of the packet.  If the direction is out, this is the local port number.	If the direction is in, this is the remote
		   port number.

		   Range: An unsigned integer in the range 1 - 65535.

		   Default: Any port number(0).

		   If you are making a query for an outbound client-server application where the source port number can be  any  user-space  port,
		   specify a "dummy" user-space port number for the source port, such as 65535.

	      Specifies the destination IP address
		   (dst_ip_addr)  of  the  packet.   If  the direction is out, this is the remote IP address.  If the direction is in, this is the
		   local IP address.

		   Acceptable values: An IPv4 address in dotted-decimal notation or an IPv6 address in colon-hexadecimal notation.

		   Default: If you omit the source address and destination address uses the wildcard IPv4 address  If  you  omit  the  destination
		   address  but  specify  the  source address, uses the wildcard IPv4 address or wildcard IPv6 address according to the type of IP
		   address you specify for the source address.

	      Specifies the destination port number
		   (dst_port) of the packet.  If the direction is out, this is the remote port number.	If the direction is in, this is the  local
		   port number.

		   Range: An unsigned integer in the range 1 - 65535.

		   Default: If omitted, any port number is assumed.

		   If  you  are  making  a query for an inbound client-server application where the client port number can be any user-space port,
		   specify a "dummy" user-space port number for the destination (server) port such as 65535.

	      Specifies the
		   network_protocol of the packet.

		   Acceptable values: (Mobile IPv6 Mobility Header), or

		   Default: Any network protocol(0).

	      Specifies the
		   direction for the packet specification.

		   Acceptable values: or

		   Default:

RETURN VALUE

       Upon successful completion, returns 0; otherwise it returns 1.

ERRORS

       fails if any of the following conditions is encountered:

	      o  Command used incorrectly - Usage message is returned.

	      o  HP-UX IPSec subsystem is not running - returns the following message:

EXAMPLES

   IPv4 Example
       On system A you want to determine which host IPsec policy will be used for outbound telnet traffic to system B or when local  users  telnet
       to  system B.  Since the telnet clients on system A will use any unused user-space TCP port and the telnet daemons on system B will use TCP
       port 23, you could use the following command:

       On system A you want to determine which host IPsec policy will be used for inbound telnet traffic from system B or when users on  system  B
       telnet to the local system.  Since the local telnet daemons will use TCP port 23 and clients on system B will use any unused user-space TCP
       port, you could use the following command:

   IPv6 example
       On system A you want to determine which host IPsec policy will be used for outbound telnet traffic to system B or when local  users  telnet
       to  system B.  Since the telnet clients on system A will use any unused user-space TCP port and the telnet daemons on system B will use TCP
       port 23, you could use the following command:

       On system A you want to determine which host IPsec policy will be used for inbound telnet traffic from system B or when users on  system  B
       telnet to the local system.  Since the local telnet daemons will use TCP port 23 and clients on system B will use any unused user-space TCP
       port, you could use the following command:

WARNINGS

       requires the optional HP-UX IPSec software.

AUTHOR

       was developed by HP.

SEE ALSO

       ipsec_admin(1M),  ipsec_config(1M),   ipsec_config_add(1M),   ipsec_config_batch(1M),   ipsec_config_delete(1M),   ipsec_config_export(1M),
       ipsec_config_show(1M), ipsec_migrate(1M), ipsec_report(1M).

							   HP-UX IPSec Software Required					  ipsec_policy(1M)