Questions tagged [libreswan]
16 questions
5 votes, 1 answer, 10k views
Configuring L2TP VPN to use with iOS 14 and macOS Big Sur
After Apple did this in Big Sur OS I can't connect to my own VPN on Libreswan 3.27 (netkey) on 3.10.0-1160.6.1.el7.x86_64
Starting with iOS 14 and macOS Big Sur (coming soon), IPsec supports
HMAC-SHA-...
3 votes, 0 answers, 234 views
Libreswan Testbed in VirtualBox
I'm currently working to create a testbed in VirtualBox for two VMs with an isolated opportunistic IPSec network with LibreSwan. All services are coming up fine, but network traffic between the two ...
2 votes, 1 answer, 3k views
libreswan configure virtual interface for ipsec traffic
Description:
I am learning how to configure ipsec with libreswan.
I want to set up a host-to-host vpn between two hosts. I want each host to use a virtual interface for their ipsec tunnel.
Problem:
I ...
2 votes, 1 answer, 6k views
Issue IKEV1 for Libreswan 3.27 : no connection has been authorized with policy PSK+IKEV1_ALLOW
I'm trying to connect to a Cisco ASA 5520. I have been provided credentials :
Phase1
VPN IP address (Public IP) | XXX.XXX.XXX.XXX
Authentication Method | Pre-Shared Secret
Encryption ...
2 votes, 0 answers, 683 views
VPN traffic routing issue between two VPN connections - AWS and Generic IKEv2 / libreswan
Have several sites, one of them acts as intermediary router between two:
AWS VPC (10.10.0.0/24)
Libreswan VPN Server (10.20.0.0/24)
Mikrotik VPN Router (10.30.0.0/24)
host1 resides at AWS VPC, host2 ...
2 votes, 1 answer, 3k views
AWS EC2 CentOS 7 with LibreSwan IPsec Tunnel UP (Established), No Traffic flow, cannot ping Peer encryption Domain Nodes
I have LibreSwan Setup on AWS EC2 CentOS7 instance, IPsec tunnel is established with the peer (Cisco ASA).
The Tunnel is up, but there is no traffic. I cannot ping the nodes at the side of the peer.
Here is ...
1 vote, 1 answer, 2k views
Libreswan IPSec IKEv2 unable to connect to multiple remote IPs
I have been beating my head against this for awhile, and I'm hoping that someone can point me in the right direction.
I have a number of IPSec tunnels established, mostly from libreswan (v3.23) on ...
1 vote, 1 answer, 2k views
LibreSwan IKEv1 XAUTH VPN server -- so close and yet so far
Here's an ASCII-art diagram of my situation
192.168.10.0/24
|
+---+ .7 |
| A |------+ _____
+---+ | ( )
| ....
1 vote, 0 answers, 569 views
Libreswan and Mac OS X Big Sur client issues
I'm resorting to asking for help after a brutal amount of time troubleshooting connection problems between client and server.
Troubles
Mac OS X Catalina, and Linux clients work fine connecting to the ...
1 vote, 0 answers, 315 views
libreswan with Ikev2 client and plain text password
I need to set up a connection to a VPN server with Libreswan. I can't use strongswan, since they are not working well together when installed on the same OS.
My system is Linux Debian 10 (Buster)
Kernel ...
1 vote, 0 answers, 431 views
How to switch from the default kernel module netkey to klips for Libreswan (IPsec)?
Seek your guidance on setting up Libreswan with klips other than netkey. Let us start from the beginning.
I installed Libreswan v4.4 and it pops up with this: Linux Libreswan 4.4 (netkey) on 5.4.0-...
1 vote, 1 answer, 1k views
Route traffic between two IPsec tunnels
I run a backend on DO infrastructure, call it site Yvi, that connects to a third party site Prov via an IPsec tunnel, with this libreswan config:
conn prov-client
...
right=$YVI_IP
rightsourceip=...
0 votes, 1 answer, 639 views
Strongswan and Libreswan in Centos [closed]
I have a server running strongswan with one VPN connection.
Can I add another VPN connection Via Libreswan on the same server?
So the server will run both Strongswan and Libreswan.
Regards,
Michael
0 votes, 0 answers, 54 views
certutil - How do I avoid user input
I am creating a CA cert with the command below in a bash script.
certutil -S -x -n "MyOrg AC CA" \
-z <(openssl rand -hex 16) \
-s "O=MyOrg,CN=MyOrg AC CA" \
-Z SHA512 --...
0 votes, 1 answer, 261 views
Is it possible to have L2TP/IPsec VPN auto disconnect after x hours?
I couldn't find anything on Google, everything that I found was related to the opposite problem, VPN disconnecting when people don't want it to.
A little backstory: one of our potential clients needs ...
0 votes, 0 answers, 194 views
Options for rebuilding OpenSwan box to LibreSwan without downtime?
This is all in an AWS VPC environment.
We have an old Ubuntu 12.04 machine running OpenSwan which is managing a pile of VPN connections. This has worked well for us thus far, but 12.04 is no longer ...