Skip to main content

All Questions

Tagged with
Filter by
Sorted by
Tagged with
0 votes
1 answer
119 views

How to get 2 tunnels UP between OpenSwan and AWS?

I have a VPC and network in eu-central-1 and one in eu-west-1 in AWS. The eu-central-1 fakes my on-prem environment. There I installed and configured OpenSwan on an EC2. In in eu-west-1 I configured a ...
DenCowboy's user avatar
  • 343
1 vote
0 answers
173 views

Trouble with routing on VPN with Openswan IPSec

Good morning, I'm having trouble configuring access to the servers through a VPN. The client can connect to the VPN perfectly, but access to the servers does not work. The conf of my connection is ...
Alexssandro Gottschalk's user avatar
0 votes
1 answer
1k views

NAT rules for VPN routing to public IP in local network

I'm trying configure a test VPN setup to route pings to an instances public IP. A corporate vendor we are connecting to has reserved all private space on their side. I'm not sure what NAT rules I need ...
Gavin's user avatar
  • 101
0 votes
1 answer
439 views

StrongSwan IPsec PING only working once after ipsec restart

Diagram VPN site to site: And a GIF showing what is happening. I create an IP route like this: sudo ip route add 192.168.1.0/24 via 10.132.146.166 eth0 eth1 And I have this iptable rules sudo ...
Makarov's user avatar
  • 11
0 votes
1 answer
833 views

Openswan server not routing traffic to LAN instances

I created an openswan instance which connected with AWS VPN and tunnel is up. I can ping from Openswan server to EC2 instance in VPC and EC2 instance can also ping Openswan private interface. But ...
xs2rashid's user avatar
  • 204
1 vote
0 answers
127 views

Ubuntu site-to-site VPN with no LAN on one side

A customer requires us to connect to their system via a site-to-site VPN tunnel. ("Client-based VPN solutions are not accepted.") Once the tunnel is established we'll be consuming data over the ...
Roger's user avatar
  • 111
0 votes
0 answers
1k views

IPsec VPN with subnet overlapping and NAT

I'm trying to configure, through OpenSwan on a Linux Ubuntu 14.04 the following scenario. It's an interesting configuration and it would be great to understand why I'm failing configuring correctly, ...
Echoes_86's user avatar
  • 173
1 vote
1 answer
3k views

OpenSwan - IPSec VPN - tunnel established but can't see a specific server there

I have to connect my server to a VPN tunnel thought Internet to see a local server that is on IP 192.168.20.100 Here are IPSec AND IKE settings from server (not mine , I do not own the VPN server) ...
user3781074's user avatar
2 votes
1 answer
4k views

Routing between OpenSWAN / IPSEC tunnels

I am trying to connect multiple Amazon VPCs (across regions) together using OpenSWAN and Amazon VGW's. The router instance can ping to hosts in both VPCs, and traffic is attempting to cross the router,...
Jason Martin's user avatar
  • 5,113
1 vote
0 answers
356 views

Why would ping oscillate between receiving bytes and redirects over a VPN?

I have a VPN set up between an Ubuntu 14 VM under fusion on my side and a SonicWall on the other side. The Ubuntu VM is dedicated to the task. When I ping a remote address, the results are very ...
David Patterson's user avatar
1 vote
1 answer
3k views

Can't establish site to site vpn connection between Cisco 3900 and strongSwan client

I have website, which displays data, received from gsm modems. So i am trying to connect my website to GSM network provider using vpn. Provider side there is a Cisco 3900, configured as site to site ...
iss_628's user avatar
  • 21
27 votes
1 answer
60k views

IPsec for Linux - strongSwan vs Openswan vs Libreswan vs other(?) [closed]

Searching for IPSec and Linux one inevitably will be confronted with different solutions (see below) which all seem quite similar. The question is: where is the difference? I found these projects. All ...
masgo's user avatar
  • 433
5 votes
2 answers
8k views

Site to Site VPN error 'received hash payload does not match computed value'

We need to access a couple of Linux machines located at our client's end. Our Linux machine, from which we need to access client's machine is located on cloud. The connection to be established is ...
Tapo's user avatar
  • 63
4 votes
3 answers
17k views

Connecting to a FortiGate VPN from a remote Linux machine via OpenSwan

Here's the setup: I have a FortiGate unit on a business network, which has a FortiGate VPN set up. Machines on a remote network that can run FortiClient (Windows and Mac machines) have no problem ...
user2892724's user avatar
2 votes
3 answers
11k views

ipsec: Can't authenticate: no preshared key found for

I'm using Openswan with ipsec and ipsec keeps complaining about the shared-key not being present. I'm running Ubuntu 14.04 . I'm just experimenting on a couple of internal systems since I'm new to ...
Dustin Oprea's user avatar
0 votes
0 answers
2k views

OpenSwan VPN IPSEC Tunnel Connection

I was hoping this website would be able to help with solving this issue since I've been running in circles on my end! I am using OpenSwan to setup an IPSec tunnel between a VPN server on Rackspace ...
Nare's user avatar
  • 55
0 votes
1 answer
1k views

openSwan VPN is up can't ping remote subnet

When I run the command ipsec auto status i get the following output: ...... 172.16.255.1/32===104.131.13.155<104.131.13.155>:17/1701...41.203.65.124<41.203. 65.124>===10.100....
Oladipo Olasemo's user avatar
0 votes
1 answer
1k views

OpenSwan on Amazon EC2 - max number of retransmissions reached STATE_MAIN_I3. Possible authentication failure:

We are communicating with one of our clients over a VPN Tunnel. Openswan tunnel was working perfectly fine before. Today we attached an Elastic IP to the server and rebooted. Since then the tunnel ...
Gaurav Srivastava's user avatar
1 vote
1 answer
6k views

How to start and stop a libreswan connection

I have a connection configured on my libreswan instance on two machines. The connection start automatically when I start the pluto daemon, I have try other settings, but the connection also starts if ...
Colanta's user avatar
  • 11
2 votes
0 answers
1k views

Openswan IPSec VPN on AWS tunnel established but no traffic

I am setting up a tunnel with a telco using AWS/VPC/EC2/Centos7/Libreswan and have been stuck for weeks. Appreciate any help! I have 192.168.16.73 (VPN GW, EIP 52.76.x.x) and 192.168.16.116 (...
Tai Shih Chau's user avatar
2 votes
1 answer
5k views

Two tunnels with same rightsubnet for StrongSWAN/OpenSWAN

I'm trying to set up the "Option 3" configuration for Google Cloud VPN, with two Google Cloud VPN gateways on the left and StrongSWAN or OpenSWAN on the right: If you have two Peer VPN gateways and ...
lambshaanxy's user avatar
0 votes
1 answer
208 views

Openswan L2TP setup to allow admin user access to AWS VPC

I've got an ssh bastion host, but managing the ssh whitelist is annoying, opening ssh to the world is suboptimal. I'd like to tuck a vpn server in front. Can't get openvpn to stay connected for more ...
jorfus's user avatar
  • 795
1 vote
0 answers
1k views

Openswan through Amazon VPC Routing to Office Network

Were trying to create a road warrior VPN network. Since the internet in our office is slow, we are running it through a VPC with a replicated AD and File Server. There is currently an Amazon VPC VPN ...
David Eisen's user avatar
1 vote
1 answer
8k views

IPSec VPN Fortigate Phase 2 stuck

Trying to setup a VPN connection to Office Fortigate but I can't pass phase 2. Received info from sysadmins: PSK IKE v1 Aggressive mode Phase1 3DES-SHA1 DH group 5 Key lifetime 28800 XAUTH PAP ...
H.Rabiee's user avatar
  • 111
0 votes
0 answers
920 views

Openswan malfunction since update

For security reasons i performed and update from a previous version of openswan to U2.6.32/K2.6.18-194.el5 (netkey) Since that moment i've been experiencing constant tunnel drops, i've checked the /...
Alonimus's user avatar
1 vote
0 answers
541 views

Openswan and Cisco ASA

i have post this same question on "Unix & Linux" but iv got no answer and will delete from there but ill try here too. I need this as soon as possible to solve it or at least to find out what is ...
IvanCD's user avatar
  • 27
1 vote
0 answers
3k views

Cannot connect to IPSEC/L2TP VPN Arch Linux/Windows 8

I have check a lot of other L2TP/IPsec VPN post and none of them seem to quite match the issues I am having so here is what going on. I am trying to set up a VPN on my Arch Linux server that I can ...
angellusmortis's user avatar
-1 votes
1 answer
1k views

Openswan and OpenVPN

I have installed Openswan and have configured IPSec tunnels and they work perfect until i install OpenVPN. Now i can't find out way the ping wont work. When i execute the "service ipsec status" it ...
IvanCD's user avatar
  • 27
0 votes
1 answer
455 views

VPN and router pass-through

I have been having trouble with VPN on my router, so I thought that since it allowed VPN Pass-through, I would set up a VPN server on an Ubuntu box here, and pass through to that. I have set up PPTP, ...
Brett's user avatar
  • 1
3 votes
0 answers
573 views

Openswan and sonicwall and encryption parameters

This error leads me to investigate my encryption parameters: 003 "sonicwall" #2: ignoring unknown Vendor ID payload [...] Can some expert please have a look at tell me what is wrong? Sonic wall (...
jcalfee314's user avatar
2 votes
0 answers
754 views

OpenSwan + AWS + Ubuntu 14.04 - Cannot reach server

i'm currently trying to set up a VPN in order to login into a private subnet hosted on AWS. The target host has Ubuntu 14.04 and installed OpenSwan. I've setup ipsec.conf, ipsec.secrets, xl2tpd.conf, ...
nbriozzo's user avatar
2 votes
0 answers
2k views

Is it possible to do IPSec Site to Site VPN without static & public IP on one end?

I am working on a project for my engineering degree that requires me to interface with some pre-existing equipment, so I am rather limited on my options. I'm rather new to VPN and ipsec for that ...
BobTuckerman's user avatar
0 votes
1 answer
3k views

Openswan is not sending packets on new ip after DPD

I have configured tunnel with DDNS. After appliance get rebooted the other side is not sending packets on new ip-address (even i have set dpdaction=restart). I am using openswan 2.6.38. Here is my ...
Brijesh Valera's user avatar
1 vote
1 answer
3k views

Strongswan with X.509 authentication and LDAP authorization

I would like to setup Strongswan/Libreswan with PKI authentication. Now I have searched and found only how to configure specific accepted client certificates like here: http://technikenity.blogspot....
MemCtrl's user avatar
  • 118
0 votes
0 answers
2k views

l2tp vpn is disconnected after few minutes

I installed IPSec/L2TP on my vps server. I tried to connect from my mac to this VPN server. First time, connection is succeeded. But after a few minutes, connection was broken by itself. After this,...
Albert's user avatar
  • 101
2 votes
1 answer
8k views

How do I configure routing for an IPSEC tunnel between Openswan and RouterOS

I am trying to create a site-to-site VPN between a Linux router that runs openswan and shorewall (host A, serving subnet 10.10.0.0/16) and a MikroTek RouterBoard running RouterOS 6.3 (host B, serving ...
dorian's user avatar
  • 437
0 votes
1 answer
8k views

IPSEC Tunnel with OpenSwan on Ubuntu <-> CISCO Router

I have setup a tunnel between a UBUNTU SERVER linux box and a CISCO ROUTER. This is what's the topology looks like: host 1 ------ UBUNTU SERVER IPSEC <---> CISCO ROUTER ------ host 2 | ...
Pablo Santa Cruz's user avatar
1 vote
2 answers
4k views

Openswan tunnel to remote public NAT'd host

Need help on this VPN set-up to work. Left-hand. EC2: eth0:10.0.0.100/EIP=1.1.1.1 (ie. NAT'd IP) eth1:10.0.0.200/EIP=2.2.2.2 Peer ip/leftid: 1.1.1.1 Right-hand. Cisco: Peer ip: 3.3.3.3 Peer ...
dcvpn's user avatar
  • 31
0 votes
1 answer
162 views

L2TP/IPSec Conectivity Problems

We ar traying to establish a VPN to our office. We sucesful configured a debian server using openswan and lx2tpd. We test the conection on the local network, and established a VPN conection with the ...
EsteveBlanch's user avatar
6 votes
3 answers
26k views

Simple L2TP/IPsec server not working (openswan, xl2tpd, Ubuntu, Windows)

I configured openswan and xl2tpd on an Ubuntu 12.04 server (on EC2) by following various tutorials/documentation which seem to largely say the same things, but most recently this one. However, my ...
xyzzyrz's user avatar
  • 1,665
7 votes
1 answer
22k views

Can't get past "pending Phase 2" on OpenSWAN <-> ISA Server IPSec VPN

The issue I´m having quite a hard time configuring OpenSWAN on my Linux server (Ubuntu 12.04) to connect to an ISA Server 2004 IPSec VPN. There is apparently something wrong in the configuration that ...
GomoX's user avatar
  • 826
4 votes
3 answers
42k views

FortiGate IPsec VPN: Configuring Multiple Phase 2 Connections (Multiple Subnets)

I am trying to make an IPsec connection to a FortiGate router using OpenSwan. The FortiGate sits on two distinct subnets and I need to access both of them. In the FortiGate I have defined one Phase 1 ...
FixMaker's user avatar
  • 235
1 vote
0 answers
1k views

L2TP & IPSec (OpenSwan) on Centos time out when connecting

I'm having big trouble setting up a very simple VPN. Using Centos 6. My Server Address : 61.34.26.32 (fictive) Whenever I try to connect (from iPhone5 or MacOS X) i get a connection timeout. I ...
Disco's user avatar
  • 1,451
7 votes
1 answer
4k views

L2TP over IPSec VPN with OpenSwan and XL2TPD can't connect, timeout on Centos 6

I'm setting up LT2p over IPSec on my Centos 6.3 fresh install. I have iptables flushed, permit all. Whenever I try to connect, i get a 'no reply from vpn' and nothi Here's my ipsec.conf file (...
Disco's user avatar
  • 1,451
1 vote
1 answer
2k views

How do I limit one connection per user for L2TP/IPSec using OpenSwan?

I've successfully set up a VPN server with openswan, pppd, and xl2tpd on Ubuntu. Everything works great, but I'm having trouble finding out how to only allow one VPN connection per user listed in the ...
Han's user avatar
  • 131
0 votes
2 answers
1k views

ipsec / OpenSwan VPN limit

What is the through put limit of ipsec / OpenSwan? I am connecting to a Cisco ASA I am using ipsec version: Linux Openswan U2.6.37/K3.2.22-35.60.amzn1.x86_64 (netkey)
Robert's user avatar
  • 91
0 votes
1 answer
461 views

Windows 7 keep internet connection after IPSec established

How I can keep internet connection after establishing IpSec connection to server? I have followed to following link to establish IpSec server http://rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-...
Ahmet Karakaya's user avatar
4 votes
2 answers
4k views

Connecting to IPSec/L2tp with OpenSwan/xl2tpd from Windows7 to Amazon EC2

I am trying to connect from my Windows7 at home to my OpenSwan/xl2tpd setup on an Ubuntu EC2 instance at Amazon. It is a connection being NATed from both the client and server ends. I was following ...
Noam Singer's user avatar
0 votes
2 answers
39k views

OpenSwan IPSec phase #2 complications

Phase #1 (IKE) succeeds without any problems (verified at the target host). Phase #2 (IPSec), however, is erroneous at some point (apparently due to misconfiguration on localhost). This should be an ...
XXL's user avatar
  • 125
2 votes
0 answers
278 views

Sending L2tp/IPsec PSK client packets to OpenSwan server

I'm trying (kind of) to create VPN client, I set my server on Ubuntu using OpenSwan (L2tp/IPsec PSK). What I'm doing right now is sending packets to my server and trying to exchange my keys with the ...
Stigi's user avatar
  • 121