All Questions
60
questions
0
votes
1
answer
119
views
How to get 2 tunnels UP between OpenSwan and AWS?
I have a VPC and network in eu-central-1 and one in eu-west-1 in AWS.
The eu-central-1 fakes my on-prem environment. There I installed and configured OpenSwan on an EC2. In in eu-west-1 I configured a ...
1
vote
0
answers
173
views
Trouble with routing on VPN with Openswan IPSec
Good morning, I'm having trouble configuring access to the servers through a VPN. The client can connect to the VPN perfectly, but access to the servers does not work.
The conf of my connection is ...
0
votes
1
answer
1k
views
NAT rules for VPN routing to public IP in local network
I'm trying configure a test VPN setup to route pings to an instances public IP. A corporate vendor we are connecting to has reserved all private space on their side. I'm not sure what NAT rules I need ...
0
votes
1
answer
439
views
StrongSwan IPsec PING only working once after ipsec restart
Diagram VPN site to site:
And a GIF showing what is happening.
I create an IP route like this:
sudo ip route add 192.168.1.0/24 via 10.132.146.166 eth0 eth1
And I have this iptable rules
sudo ...
0
votes
1
answer
833
views
Openswan server not routing traffic to LAN instances
I created an openswan instance which connected with AWS VPN and tunnel is up. I can ping from Openswan server to EC2 instance in VPC and EC2 instance can also ping Openswan private interface.
But ...
1
vote
0
answers
127
views
Ubuntu site-to-site VPN with no LAN on one side
A customer requires us to connect to their system via a site-to-site VPN tunnel. ("Client-based VPN solutions are not accepted.") Once the tunnel is established we'll be consuming data over the ...
0
votes
0
answers
1k
views
IPsec VPN with subnet overlapping and NAT
I'm trying to configure, through OpenSwan on a Linux Ubuntu 14.04 the following scenario.
It's an interesting configuration and it would be great to understand why I'm failing configuring correctly, ...
1
vote
1
answer
3k
views
OpenSwan - IPSec VPN - tunnel established but can't see a specific server there
I have to connect my server to a VPN tunnel thought Internet to see a local server that is on IP 192.168.20.100
Here are IPSec AND IKE settings from server (not mine , I do not own the VPN server)
...
2
votes
1
answer
4k
views
Routing between OpenSWAN / IPSEC tunnels
I am trying to connect multiple Amazon VPCs (across regions) together using OpenSWAN and Amazon VGW's. The router instance can ping to hosts in both VPCs, and traffic is attempting to cross the router,...
1
vote
0
answers
356
views
Why would ping oscillate between receiving bytes and redirects over a VPN?
I have a VPN set up between an Ubuntu 14 VM under fusion on my side and a SonicWall on the other side. The Ubuntu VM is dedicated to the task.
When I ping a remote address, the results are very ...
1
vote
1
answer
3k
views
Can't establish site to site vpn connection between Cisco 3900 and strongSwan client
I have website, which displays data, received from gsm modems. So i am trying to connect my website to GSM network provider using vpn.
Provider side there is a Cisco 3900, configured as site to site ...
27
votes
1
answer
60k
views
IPsec for Linux - strongSwan vs Openswan vs Libreswan vs other(?) [closed]
Searching for IPSec and Linux one inevitably will be confronted with different solutions (see below) which all seem quite similar. The question is: where is the difference?
I found these projects. All ...
5
votes
2
answers
8k
views
Site to Site VPN error 'received hash payload does not match computed value'
We need to access a couple of Linux machines located at our client's end.
Our Linux machine, from which we need to access client's machine is located on cloud.
The connection to be established is ...
4
votes
3
answers
17k
views
Connecting to a FortiGate VPN from a remote Linux machine via OpenSwan
Here's the setup:
I have a FortiGate unit on a business network, which has a FortiGate VPN set up. Machines on a remote network that can run FortiClient (Windows and Mac machines) have no problem ...
2
votes
3
answers
11k
views
ipsec: Can't authenticate: no preshared key found for
I'm using Openswan with ipsec and ipsec keeps complaining about the shared-key not being present. I'm running Ubuntu 14.04 .
I'm just experimenting on a couple of internal systems since I'm new to ...
0
votes
0
answers
2k
views
OpenSwan VPN IPSEC Tunnel Connection
I was hoping this website would be able to help with solving this issue since I've been running in circles on my end!
I am using OpenSwan to setup an IPSec tunnel between a VPN server on Rackspace ...
0
votes
1
answer
1k
views
openSwan VPN is up can't ping remote subnet
When I run the command ipsec auto status i get the following output:
......
172.16.255.1/32===104.131.13.155<104.131.13.155>:17/1701...41.203.65.124<41.203. 65.124>===10.100....
0
votes
1
answer
1k
views
OpenSwan on Amazon EC2 - max number of retransmissions reached STATE_MAIN_I3. Possible authentication failure:
We are communicating with one of our clients over a VPN Tunnel.
Openswan tunnel was working perfectly fine before. Today we attached an Elastic IP to the server and rebooted. Since then the tunnel ...
1
vote
1
answer
6k
views
How to start and stop a libreswan connection
I have a connection configured on my libreswan instance on two machines.
The connection start automatically when I start the pluto daemon, I have try other settings, but the connection also starts if ...
2
votes
0
answers
1k
views
Openswan IPSec VPN on AWS tunnel established but no traffic
I am setting up a tunnel with a telco using AWS/VPC/EC2/Centos7/Libreswan and have been stuck for weeks. Appreciate any help!
I have 192.168.16.73 (VPN GW, EIP 52.76.x.x) and 192.168.16.116 (...
2
votes
1
answer
5k
views
Two tunnels with same rightsubnet for StrongSWAN/OpenSWAN
I'm trying to set up the "Option 3" configuration for Google Cloud VPN, with two Google Cloud VPN gateways on the left and StrongSWAN or OpenSWAN on the right:
If you have two Peer VPN gateways and ...
0
votes
1
answer
208
views
Openswan L2TP setup to allow admin user access to AWS VPC
I've got an ssh bastion host, but managing the ssh whitelist is annoying, opening ssh to the world is suboptimal. I'd like to tuck a vpn server in front.
Can't get openvpn to stay connected for more ...
1
vote
0
answers
1k
views
Openswan through Amazon VPC Routing to Office Network
Were trying to create a road warrior VPN network. Since the internet in our office is slow, we are running it through a VPC with a replicated AD and File Server. There is currently an Amazon VPC VPN ...
1
vote
1
answer
8k
views
IPSec VPN Fortigate Phase 2 stuck
Trying to setup a VPN connection to Office Fortigate but I can't pass phase
2.
Received info from sysadmins:
PSK
IKE v1
Aggressive mode
Phase1 3DES-SHA1
DH group 5
Key lifetime 28800
XAUTH PAP ...
0
votes
0
answers
920
views
Openswan malfunction since update
For security reasons i performed and update from a previous version of openswan to U2.6.32/K2.6.18-194.el5 (netkey)
Since that moment i've been experiencing constant tunnel drops, i've checked the /...
1
vote
0
answers
541
views
Openswan and Cisco ASA
i have post this same question on "Unix & Linux" but iv got no answer and will delete from there but ill try here too. I need this as soon as possible to solve it or at least to find out what is ...
1
vote
0
answers
3k
views
Cannot connect to IPSEC/L2TP VPN Arch Linux/Windows 8
I have check a lot of other L2TP/IPsec VPN post and none of them seem to quite match the issues I am having so here is what going on.
I am trying to set up a VPN on my Arch Linux server that I can ...
-1
votes
1
answer
1k
views
Openswan and OpenVPN
I have installed Openswan and have configured IPSec tunnels and they work perfect until i install OpenVPN. Now i can't find out way the ping wont work.
When i execute the "service ipsec status" it ...
0
votes
1
answer
455
views
VPN and router pass-through
I have been having trouble with VPN on my router, so I thought that since it allowed VPN Pass-through, I would set up a VPN server on an Ubuntu box here, and pass through to that.
I have set up PPTP, ...
3
votes
0
answers
573
views
Openswan and sonicwall and encryption parameters
This error leads me to investigate my encryption parameters:
003 "sonicwall" #2: ignoring unknown Vendor ID payload [...]
Can some expert please have a look at tell me what is wrong?
Sonic wall (...
2
votes
0
answers
754
views
OpenSwan + AWS + Ubuntu 14.04 - Cannot reach server
i'm currently trying to set up a VPN in order to login into a private subnet hosted on AWS.
The target host has Ubuntu 14.04 and installed OpenSwan.
I've setup ipsec.conf, ipsec.secrets, xl2tpd.conf, ...
2
votes
0
answers
2k
views
Is it possible to do IPSec Site to Site VPN without static & public IP on one end?
I am working on a project for my engineering degree that requires me to interface with some pre-existing equipment, so I am rather limited on my options. I'm rather new to VPN and ipsec for that ...
0
votes
1
answer
3k
views
Openswan is not sending packets on new ip after DPD
I have configured tunnel with DDNS. After appliance get rebooted the other side is not sending packets on new ip-address (even i have set dpdaction=restart).
I am using openswan 2.6.38.
Here is my ...
1
vote
1
answer
3k
views
Strongswan with X.509 authentication and LDAP authorization
I would like to setup Strongswan/Libreswan with PKI authentication. Now I have searched and found only how to configure specific accepted client certificates like here: http://technikenity.blogspot....
0
votes
0
answers
2k
views
l2tp vpn is disconnected after few minutes
I installed IPSec/L2TP on my vps server.
I tried to connect from my mac to this VPN server.
First time, connection is succeeded. But after a few minutes, connection was broken by itself.
After this,...
2
votes
1
answer
8k
views
How do I configure routing for an IPSEC tunnel between Openswan and RouterOS
I am trying to create a site-to-site VPN between a Linux router that runs openswan and shorewall (host A, serving subnet 10.10.0.0/16) and a MikroTek RouterBoard running RouterOS 6.3 (host B, serving ...
0
votes
1
answer
8k
views
IPSEC Tunnel with OpenSwan on Ubuntu <-> CISCO Router
I have setup a tunnel between a UBUNTU SERVER linux box and a CISCO ROUTER.
This is what's the topology looks like:
host 1 ------ UBUNTU SERVER IPSEC <---> CISCO ROUTER ------ host 2
| ...
1
vote
2
answers
4k
views
Openswan tunnel to remote public NAT'd host
Need help on this VPN set-up to work.
Left-hand. EC2:
eth0:10.0.0.100/EIP=1.1.1.1 (ie. NAT'd IP)
eth1:10.0.0.200/EIP=2.2.2.2
Peer ip/leftid: 1.1.1.1
Right-hand. Cisco:
Peer ip: 3.3.3.3
Peer ...
0
votes
1
answer
162
views
L2TP/IPSec Conectivity Problems
We ar traying to establish a VPN to our office.
We sucesful configured a debian server using openswan and lx2tpd.
We test the conection on the local network, and established a VPN conection with the ...
6
votes
3
answers
26k
views
Simple L2TP/IPsec server not working (openswan, xl2tpd, Ubuntu, Windows)
I configured openswan and xl2tpd on an Ubuntu 12.04 server (on EC2) by following various tutorials/documentation which seem to largely say the same things, but most recently this one.
However, my ...
7
votes
1
answer
22k
views
Can't get past "pending Phase 2" on OpenSWAN <-> ISA Server IPSec VPN
The issue
I´m having quite a hard time configuring OpenSWAN on my Linux server (Ubuntu 12.04) to connect to an ISA Server 2004 IPSec VPN. There is apparently something wrong in the configuration that ...
4
votes
3
answers
42k
views
FortiGate IPsec VPN: Configuring Multiple Phase 2 Connections (Multiple Subnets)
I am trying to make an IPsec connection to a FortiGate router using OpenSwan. The FortiGate sits on two distinct subnets and I need to access both of them. In the FortiGate I have defined one Phase 1 ...
1
vote
0
answers
1k
views
L2TP & IPSec (OpenSwan) on Centos time out when connecting
I'm having big trouble setting up a very simple VPN. Using Centos 6.
My Server Address : 61.34.26.32 (fictive)
Whenever I try to connect (from iPhone5 or MacOS X) i get a connection timeout.
I ...
7
votes
1
answer
4k
views
L2TP over IPSec VPN with OpenSwan and XL2TPD can't connect, timeout on Centos 6
I'm setting up LT2p over IPSec on my Centos 6.3 fresh install.
I have iptables flushed, permit all.
Whenever I try to connect, i get a 'no reply from vpn' and nothi
Here's my ipsec.conf file (...
1
vote
1
answer
2k
views
How do I limit one connection per user for L2TP/IPSec using OpenSwan?
I've successfully set up a VPN server with openswan, pppd, and xl2tpd on Ubuntu.
Everything works great, but I'm having trouble finding out how to only allow one VPN connection per user listed in the ...
0
votes
2
answers
1k
views
ipsec / OpenSwan VPN limit
What is the through put limit of ipsec / OpenSwan?
I am connecting to a Cisco ASA
I am using ipsec version:
Linux Openswan U2.6.37/K3.2.22-35.60.amzn1.x86_64 (netkey)
0
votes
1
answer
461
views
Windows 7 keep internet connection after IPSec established
How I can keep internet connection after establishing IpSec connection to server?
I have followed to following link to establish IpSec server
http://rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-...
4
votes
2
answers
4k
views
Connecting to IPSec/L2tp with OpenSwan/xl2tpd from Windows7 to Amazon EC2
I am trying to connect from my Windows7 at home to my OpenSwan/xl2tpd setup on an Ubuntu EC2 instance at Amazon.
It is a connection being NATed from both the client and server ends.
I was following ...
0
votes
2
answers
39k
views
OpenSwan IPSec phase #2 complications
Phase #1 (IKE) succeeds without any problems (verified at the target host).
Phase #2 (IPSec), however, is erroneous at some point (apparently due to misconfiguration on localhost).
This should be an ...
2
votes
0
answers
278
views
Sending L2tp/IPsec PSK client packets to OpenSwan server
I'm trying (kind of) to create VPN client, I set my server on Ubuntu using OpenSwan (L2tp/IPsec PSK). What I'm doing right now is sending packets to my server and trying to exchange my keys with the ...