Skip to main content

Questions tagged [libreswan]

The tag has no usage guidance.

Filter by
Sorted by
Tagged with
5 votes
1 answer
10k views

Configuring L2TP VPN to use with iOS 14 and macOS Big Sur

After Apple did this in Big Sur OS I can't connect to my own VPN on Libreswan 3.27 (netkey) on 3.10.0-1160.6.1.el7.x86_64 Starting with iOS 14 and macOS Big Sur (coming soon), IPsec supports HMAC-SHA-...
megamosk's user avatar
3 votes
0 answers
234 views

Libreswan Testbed in VirtualBox

I'm currently working to create a testbed in VirtualBox for two VMs with an isolated opportunistic IPSec network with LibreSwan. All services are coming up fine, but network traffic between the two ...
schrodingersket's user avatar
2 votes
1 answer
3k views

libreswan configure virtual interface for ipsec traffic

Description: I am learning how to configure ipsec with libreswan. I want to set up a host-to-host vpn between two hosts. I want each host to use a virtual interface for their ipsec tunnel. Problem: I ...
Dave's user avatar
  • 366
2 votes
1 answer
6k views

Issue IKEV1 for Libreswan 3.27 : no connection has been authorized with policy PSK+IKEV1_ALLOW

I'm trying to connect to a Cisco ASA 5520. I have been provided credentials : Phase1 VPN IP address (Public IP) | XXX.XXX.XXX.XXX Authentication Method | Pre-Shared Secret Encryption ...
iMitwe's user avatar
  • 125
2 votes
0 answers
683 views

VPN traffic routing issue between two VPN connections - AWS and Generic IKEv2 / libreswan

Have several sites, one of them acts as intermediary router between two: AWS VPC (10.10.0.0/24) Libreswan VPN Server (10.20.0.0/24) Mikrotik VPN Router (10.30.0.0/24) host1 resides at AWS VPC, host2 ...
GioMac's user avatar
  • 4,654
2 votes
1 answer
3k views

AWS EC2 CentOS 7 with LibreSwan IPsec Tunnel UP (Established), No Traffic flow, cannot ping Peer encryption Domain Nodes

I have LibreSwan Setup on AWS EC2 CentOS7 instance, IPsec tunnel is established with the peer (Cisco ASA). The Tunnel is up, but I no traffic. I cannot ping the nodes at the side of the peer. Here is ...
sekayasin's user avatar
1 vote
1 answer
2k views

Libreswan IPSec IKEv2 unable to connect to multiple remote IPs

I have been beating my head against this for awhile, and I'm hoping that someone can point me in the right direction. I have a number of IPSec tunnels established, mostly from libreswan (v3.23) on ...
Bob's user avatar
  • 103
1 vote
1 answer
2k views

LibreSwan IKEv1 XAUTH VPN server -- so close and yet so far

Here's an ASCII-art diagram of my situation 192.168.10.0/24 | +---+ .7 | | A |------+ _____ +---+ | ( ) | ....
Ex Umbris's user avatar
  • 864
1 vote
0 answers
569 views

Libreswan and Mac OS X Big Sur client issues

I'm resorting to asking for help after a brutal amount of time troubleshooting connection problems between client and server. Troubles Mac OS X Catalina, and Linux clients work fine connecting to the ...
Enoch Root's user avatar
1 vote
0 answers
315 views

libreswan with Ikev2 client and plain text password

I need to set up a connection to VPN server with Libreswan. I can't use strongswan, since they are not working well together when installed on the same OC. My system is Linux Debian 10 (Buster) Kernel ...
Roustam Dzhafarov's user avatar
1 vote
0 answers
431 views

How to switch from the default kernel module netkey to klips for Libreswan (IPsec)?

Seek your guidance on setting up Libreswan with klips other than netkey. Let us start from the beginning. I installed Libreswan v4.4 and it pops up with this: Linux Libreswan 4.4 (netkey) on 5.4.0-...
Roma's user avatar
  • 111
1 vote
1 answer
1k views

Route traffic between two IPsec tunnels

I run a backend on DO infrastructure, call it site Yvi, that connects to a third party site Prov via an IPsec tunnel, with this libreswan config: conn prov-client ... right=$YVI_IP rightsourceip=...
acib708's user avatar
  • 111
0 votes
1 answer
639 views

Stongswan and Libreswan in Centos [closed]

I have a server running stongswan with one VPN connection. Can I add another VPN connection Via Libreswan on the same server? So the server will run both Strongswan and Libreswan. Regards, Michael
Mike's user avatar
  • 1
0 votes
0 answers
54 views

certutil - How do I avoid user input

I am creating a CA cert with the command below in a bash script. certutil -S -x -n "MyOrg AC CA" \ -z <(openssl rand -hex 16) \ -s "O=MyOrg,CN=MyOrg AC CA" \ -Z SHA512 --...
Reino Wallin's user avatar
0 votes
1 answer
261 views

Is it possible to have L2TP/IPsec VPN auto disconnect after x hours?

I couldn't find anything on Google, everything that I found was related to the opposite problem, VPN disconnecting when people don't want it to. A little backstory: one of our potential clients needs ...
Rikudou_Sennin's user avatar
0 votes
0 answers
194 views

Options for rebuilding OpenSwan box to LibreSwan without downtime?

This is all in an AWS VPC environment. We have an old Ubuntu 12.04 machine running OpenSwan which is managing a pile of VPN connections. This has worked well for us thus far, but 12.04 is no longer ...
Nicolas Pottier's user avatar