8 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello, So I was finally able to get mpd5 working as a vpn server, however I am not able to use encryption. I have a feeling it's this entry in the logs, can someone decipher what this means for me & tell me if it can be fixed? I know ng_mppc is related to mchap, but I'm not sure what I'm supposed... (0 Replies)
Discussion started by: dpreviti
0 Replies
2. IP Networking
I try to setup a VPN Server (pptpd on Debian 5) to route an IP to my home PC when i login to the VPN - this works so far, i get the IP but then it is dead.
i cannot connect to anywhere, and only ping my IP - nothing else.
Any info on that?
I just want to have a static, external IP on the... (1 Reply)
Discussion started by: William_E
1 Replies
3. Debian
Dear All
My scenario is
Debian with PPTP Server in which I am able to connect to through other machines. Ive enable echo 1 > /proc/sys/net/ipv4/ip_forward and through client machine i can browse internet as well
I created another pptp client in debian server which connects to another... (0 Replies)
Discussion started by: kazimnaim
0 Replies
4. Emergency UNIX and Linux Support
Hi guys.
I am going to build a Linux VPN server(PPTP) for my friend but here is the problem:
He don't know Linux and command line to manage users, monitor server, etc
anyone knows a good GUI for this problem? I need some solution like nttacplus (2 Replies)
Discussion started by: majid.merkava
2 Replies
5. Emergency UNIX and Linux Support
Hi there.
Here is a crazy question:
can we connect to a L2TP vpn server Through a PPTP VPN server(I mean when connecting to a pptp server)? (1 Reply)
Discussion started by: majid.merkava
1 Replies
6. UNIX for Dummies Questions & Answers
Hi ,
I am a newbie to unix,linux i have a fedora core 4 linux. I had set it up as a pptp vpn client to a windows pptp server. Everything was working fine. Recently i saw that there were many attempts to hack into the root login using ssh. so i changed the ssh port,the ssh portocol to 2. And... (0 Replies)
Discussion started by: qais
0 Replies
7. UNIX for Advanced & Expert Users
Long story short, I have an issue with getting my VPN to connect to my w2k3 server box when I include the block all rule in my pf.conf:
block log all
Here's the output:
Apr 04 06:04:09.291697 rule 1/0(match): block in on hme0: call 3033 seq 0 gre-ppp-payload (gre encap)
Apr 04... (0 Replies)
Discussion started by: xyyz
0 Replies
8. UNIX for Dummies Questions & Answers
Hey guys, what's up? I'm new to UNIX and I really don't know much. Kinda learning as I go along. I have successfully installed FreeBSD 4.9 and enabled FTP and Telnet services. I'm looking to setup a VPN server on my BSD box but I'm lost. Can anyone guide me in the right way? Much thanks!
-... (2 Replies)
Discussion started by: sirex
2 Replies
RACOONCTL(8) BSD System Manager's Manual RACOONCTL(8)
NAME
racoonctl -- racoon administrative control tool
SYNOPSIS
racoonctl [opts] reload-config
racoonctl [opts] show-schedule
racoonctl [opts] show-sa [isakmp|esp|ah|ipsec]
racoonctl [opts] get-sa-cert [inet|inet6] src dst
racoonctl [opts] flush-sa [isakmp|esp|ah|ipsec]
racoonctl [opts] delete-sa saopts
racoonctl [opts] establish-sa [-w] [-n remoteconf] [-u identity] saopts
racoonctl [opts] vpn-connect [-u identity] vpn_gateway
racoonctl [opts] vpn-disconnect vpn_gateway
racoonctl [opts] show-event
racoonctl [opts] logout-user login
DESCRIPTION
racoonctl is used to control racoon(8) operation, if ipsec-tools was configured with adminport support. Communication between racoonctl and
racoon(8) is done through a UNIX socket. By changing the default mode and ownership of the socket, you can allow non-root users to alter
racoon(8) behavior, so do that with caution.
The following general options are available:
-d Debug mode. Hexdump sent admin port commands.
-l Increase verbosity. Mainly for show-sa command.
-s socket
Specify unix socket name used to connecting racoon.
The following commands are available:
reload-config
This should cause racoon(8) to reload its configuration file.
show-schedule
Unknown command.
show-sa [isakmp|esp|ah|ipsec]
Dump the SA: All the SAs if no SA class is provided, or either ISAKMP SAs, IPsec ESP SAs, IPsec AH SAs, or all IPsec SAs. Use -l to
increase verbosity.
get-sa-cert [inet|inet6] src dst
Output the raw certificate that was used to authenticate the phase 1 matching src and dst.
flush-sa [isakmp|esp|ah|ipsec]
is used to flush all SAs if no SA class is provided, or a class of SAs, either ISAKMP SAs, IPsec ESP SAs, IPsec AH SAs, or all IPsec
SAs.
establish-sa [-w] [-n remoteconf] [-u username] saopts
Establish an SA, either an ISAKMP SA, IPsec ESP SA, or IPsec AH SA. The optional -u username can be used when establishing an ISAKMP
SA while hybrid auth is in use. The exact remote block to use can be specified with -n remoteconf. racoonctl will prompt you for
the password associated with username and these credentials will be used in the Xauth exchange.
Specifying -w will make racoonctl wait until the SA is actually established or an error occurs.
saopts has the following format:
isakmp {inet|inet6} src dst
{esp|ah} {inet|inet6} src/prefixlen/port dst/prefixlen/port
{icmp|tcp|udp|gre|any}
vpn-connect [-u username] vpn_gateway
This is a particular case of the previous command. It will establish an ISAKMP SA with vpn_gateway.
delete-sa saopts
Delete an SA, either an ISAKMP SA, IPsec ESP SA, or IPsec AH SA.
vpn-disconnect vpn_gateway
This is a particular case of the previous command. It will kill all SAs associated with vpn_gateway.
show-event
Listen for all events reported by racoon(8).
logout-user login
Delete all SA established on behalf of the Xauth user login.
Command shortcuts are available:
rc reload-config
ss show-sa
sc show-schedule
fs flush-sa
ds delete-sa
es establish-sa
vc vpn-connect
vd vpn-disconnect
se show-event
lu logout-user
RETURN VALUES
The command should exit with 0 on success, and non-zero on errors.
FILES
/var/racoon/racoon.sock or
/var/run/racoon.sock racoon(8) control socket.
SEE ALSO
ipsec(4), racoon(8)
HISTORY
Once was kmpstat in the KAME project. It turned into racoonctl but remained undocumented for a while. Emmanuel Dreyfus <manu@NetBSD.org>
wrote this man page.
BSD March 12, 2009 BSD