Questions tagged [openswan]

The tag has no usage guidance.

58 questions with no upvoted or accepted answers
4 votes
2 answers
8k views

subnet-to-subnet libreswan ipsec vpn

I'm configuring a "subnet to subnet VPN" between two Centos 7 servers using libreswan. Each server has two NICs as shown in the following image. I would allow secure communication between the subnets ...
NoNoNo's user avatar
  • 1,983
4 votes
0 answers
1k views

How do I configure OpenSwan to allow pure IPsec (not L2TP) connections from an iPhone?

Similar to this question, I want to configure an IPsec server on Linux which will accept connections from the iPhone. However, unlike the other question, I want to be able to test with pre-shared keys ...
mpontillo's user avatar
  • 924
3 votes
0 answers
644 views

OpenSwan IPSec log explanation

I am trying to understand the IPSec logs. Would be really great if someone can help me to understand the main things I look for and how to troubleshoot any ipsec issue. Would be really great of ...
rrene's user avatar
  • 131
3 votes
0 answers
657 views

Is there an extension of host to host ipsec to a many-many configuration?

Having a typical host to host transport mode ipsec configuration, conn appserver01-to-swift01 [email protected] left=10.133.176.246 leftrsasigkey=xxxxxxxxxxxxxxxxxxxxxxxx ...
user22866's user avatar
  • 151
3 votes
0 answers
573 views

Openswan and sonicwall and encryption parameters

This error leads me to investigate my encryption parameters: 003 "sonicwall" #2: ignoring unknown Vendor ID payload [...] Can some expert please have a look and tell me what is wrong? Sonic wall (...
jcalfee314's user avatar
3 votes
1 answer
4k views

IKE Phase 1 Aggressive Mode exchange does not complete

I've configured a 3G IP Gateway of mine to connect using IKE Phase 1 Aggressive Mode with PSK to my openswan installation running on Ubuntu server 12.04. I've configured openswan as follows: /etc/...
Isaac Sutherland's user avatar
2 votes
1 answer
162 views

What is the proposal string for aes-gcm256 Diffie-Hellman group 20, esp

As a developer tasked with connecting to a vpn without preconfigured profile scripts, I'm fumbling through setting up a strongswan ipsec.conf file. My current hurdle is an "invalid proposal ...
T3.0's user avatar
  • 121
2 votes
1 answer
4k views

Routing between OpenSWAN / IPSEC tunnels

I am trying to connect multiple Amazon VPCs (across regions) together using OpenSWAN and Amazon VGW's. The router instance can ping to hosts in both VPCs, and traffic is attempting to cross the router,...
Jason Martin's user avatar
  • 5,113
2 votes
3 answers
11k views

ipsec: Can't authenticate: no preshared key found for

I'm using Openswan with ipsec and ipsec keeps complaining about the shared-key not being present. I'm running Ubuntu 14.04. I'm just experimenting on a couple of internal systems since I'm new to ...
Dustin Oprea's user avatar
2 votes
0 answers
1k views

Openswan IPSec VPN on AWS tunnel established but no traffic

I am setting up a tunnel with a telco using AWS/VPC/EC2/Centos7/Libreswan and have been stuck for weeks. Appreciate any help! I have 192.168.16.73 (VPN GW, EIP 52.76.x.x) and 192.168.16.116 (...
Tai Shih Chau's user avatar
2 votes
0 answers
3k views

Creating redundant IPSec connections using OpenSwan

I have a linux (netkey) instance with openswan installed. The instance has two connections to the same IPSec peer that need to act as redundant connections. Both connections' properties are the same (...
Amir's user avatar
  • 21
2 votes
0 answers
305 views

Openswan bad routing record after connect

I have a problem in openswan configuration. The following lines are created in the routing table on the client after connecting to the server: Dest mask Gateway Conn Metric 0.0.0.0 ...
user218547's user avatar
2 votes
0 answers
754 views

OpenSwan + AWS + Ubuntu 14.04 - Cannot reach server

I'm currently trying to set up a VPN in order to login into a private subnet hosted on AWS. The target host has Ubuntu 14.04 and installed OpenSwan. I've setup ipsec.conf, ipsec.secrets, xl2tpd.conf, ...
nbriozzo's user avatar
2 votes
0 answers
2k views

Is it possible to do IPSec Site to Site VPN without static & public IP on one end?

I am working on a project for my engineering degree that requires me to interface with some pre-existing equipment, so I am rather limited on my options. I'm rather new to VPN and ipsec for that ...
BobTuckerman's user avatar
2 votes
0 answers
579 views

IPsec connection established but xl2tpd times out

This may or may not be related to my problem with passing ipsec verify. I have configured L2TP/IPsec VPN on Ubuntu 13.04 following Ubuntu's community documentation and while IPsec connection seems ...
Damn Terminal's user avatar
2 votes
0 answers
13k views

ipsec IKE phase 1 failure

I have a wireless gateway that supports site-to-site IPSec. I have configured openswan on Ubuntu Server 12.04 (left side of the tunnel) with the following /etc/ipsec.conf: version 2.0 config setup ...
Isaac Sutherland's user avatar
2 votes
0 answers
278 views

Sending L2tp/IPsec PSK client packets to OpenSwan server

I'm trying (kind of) to create VPN client, I set my server on Ubuntu using OpenSwan (L2tp/IPsec PSK). What I'm doing right now is sending packets to my server and trying to exchange my keys with the ...
Stigi's user avatar
  • 121
1 vote
0 answers
173 views

Trouble with routing on VPN with Openswan IPSec

Good morning, I'm having trouble configuring access to the servers through a VPN. The client can connect to the VPN perfectly, but access to the servers does not work. The conf of my connection is ...
Alexssandro Gottschalk's user avatar
1 vote
0 answers
812 views

Openswan l2tp vpn ppp wrong ip address

Using Openswan with xl2tp on archlinux (4.20) to connect to a vpn, I can create the tunnel and the ppp interface is created, however it gets the wrong ip address: enp4s0: <BROADCAST,MULTICAST,...
2A-66-42's user avatar
  • 111
1 vote
1 answer
2k views

How to connect VPN Client Openswan

I have a VPN server using Openswan with address 103.19.208.247. Then, I want to connect my laptop (CENTOS) with IP 103.19.208.243 to the VPN server. Here is my configuration: /etc/ipsec.conf config setup ...
lala's user avatar
  • 13
1 vote
0 answers
127 views

Ubuntu site-to-site VPN with no LAN on one side

A customer requires us to connect to their system via a site-to-site VPN tunnel. ("Client-based VPN solutions are not accepted.") Once the tunnel is established we'll be consuming data over the ...
Roger's user avatar
  • 111
1 vote
1 answer
3k views

OpenSwan - IPSec VPN - tunnel established but can't see a specific server there

I have to connect my server to a VPN tunnel through the Internet to see a local server that is on IP 192.168.20.100. Here are the IPSec and IKE settings from the server (not mine, I do not own the VPN server) ...
user3781074's user avatar
1 vote
0 answers
189 views

OpenSwan and L2TPd traversing secondary gateway

I need some help with a networking project using Linux (RHEL based) and open swan with L2TPd (xl2tpd). While the initial setup works great, I want my VPN traffic to traverse over the secondary ...
PsychoSquirrel's user avatar
1 vote
0 answers
356 views

Why would ping oscillate between receiving bytes and redirects over a VPN?

I have a VPN set up between an Ubuntu 14 VM under fusion on my side and a SonicWall on the other side. The Ubuntu VM is dedicated to the task. When I ping a remote address, the results are very ...
David Patterson's user avatar
1 vote
0 answers
2k views

Docker + VPN LAN to LAN

We just migrated our applications to a Docker environment. I have many containers running my Python Application in my VM. (4 containers per VM). This is a multi-tenant application. This application ...
gogasca's user avatar
  • 343
1 vote
0 answers
420 views

Openswan to Cisco ASA IPSec tunnel - specific IP address range required. Netmap?

I'm attempting to set up a VPN tunnel between a Cisco ASA 5520 and an Openswan server running on Ubuntu 14.04 on an Amazon VPC instance. I do not have access to the ASA, and have been given the ...
Adam's user avatar
  • 11
1 vote
0 answers
121 views

IPsec and pinging rightsubnets

I have been racking my brain about this. I have openswan running and I have been able to get tunnels up. Unfortunately, when I try to ping computers on my right subnet, I am not able to get any ...
confused's user avatar
1 vote
0 answers
1k views

Openswan through Amazon VPC Routing to Office Network

We're trying to create a road warrior VPN network. Since the internet in our office is slow, we are running it through a VPC with a replicated AD and File Server. There is currently an Amazon VPC VPN ...
David Eisen's user avatar
1 vote
0 answers
625 views

openswan IPSEC site to site randomly disconnects on debian server

Good morning my friends, this is my situation: I have two debian servers with static IP connected through a site to site VPN OPENSWAN, everything works like a charm, I can ping the entire lan from any ...
silvered.dragon's user avatar
1 vote
1 answer
8k views

IPSec VPN Fortigate Phase 2 stuck

Trying to setup a VPN connection to Office Fortigate but I can't pass phase 2. Received info from sysadmins: PSK IKE v1 Aggressive mode Phase1 3DES-SHA1 DH group 5 Key lifetime 28800 XAUTH PAP ...
H.Rabiee's user avatar
  • 111
1 vote
0 answers
412 views

amazon ec2 instance going to a remote ip using openswan tunnel is up but no traffic being established on the remote ip

I having establishing a vpn tunnel to a remote peer/public ip using amazon ec2 openswan. The tunnel is up but no traffic has been seen on our side or the remote side? Is there I been missing? Please ...
Edmar's user avatar
  • 11
1 vote
0 answers
541 views

Openswan and Cisco ASA

I have posted this same question on "Unix & Linux" but I've got no answer and will delete it from there, but I'll try here too. I need this as soon as possible to solve it or at least to find out what is ...
IvanCD's user avatar
  • 27
1 vote
0 answers
785 views

Openswan ip tunnel not passing traffic

I had this tunnel already working, but now I needed to add two more ips 10.50.240.48/28 and 10.50.96.0/20. I set up my left and right and leftsubnets and rightsubnets properly in the openswan config. ...
JohnMerlino's user avatar
1 vote
0 answers
3k views

Cannot connect to IPSEC/L2TP VPN Arch Linux/Windows 8

I have checked a lot of other L2TP/IPsec VPN posts and none of them seem to quite match the issues I am having, so here is what's going on. I am trying to set up a VPN on my Arch Linux server that I can ...
angellusmortis's user avatar
1 vote
0 answers
1k views

L2TP & IPSec (OpenSwan) on Centos time out when connecting

I'm having big trouble setting up a very simple VPN. Using Centos 6. My Server Address : 61.34.26.32 (fictive) Whenever I try to connect (from iPhone5 or MacOS X) I get a connection timeout. I ...
Disco's user avatar
  • 1,451
0 votes
1 answer
119 views

How to get 2 tunnels UP between OpenSwan and AWS?

I have a VPC and network in eu-central-1 and one in eu-west-1 in AWS. The eu-central-1 fakes my on-prem environment. There I installed and configured OpenSwan on an EC2. In eu-west-1 I configured a ...
DenCowboy's user avatar
  • 343
0 votes
0 answers
194 views

Options for rebuilding OpenSwan box to LibreSwan without downtime?

This is all in an AWS VPC environment. We have an old Ubuntu 12.04 machine running OpenSwan which is managing a pile of VPN connections. This has worked well for us thus far, but 12.04 is no longer ...
Nicolas Pottier's user avatar
0 votes
0 answers
1k views

AWS Ubuntu Strongswan IPSec VPN and Iptables configuration tunnel routing

I've muddled up my configuration. I've setup a site-to-site VPN between an AWS Ubuntu VM running strongswan, and another site. The VPN tunnel is working, but anytime I try to route traffic through ...
Unpossible's user avatar
0 votes
1 answer
1k views

Policy based routing in linux based on destination address.

I am struggling with a scenario. Suppose we have two systems in same subnet A:- 192.168.1.5 and B:-192.168.1.6 where B is further connected with C:-172.22.1.5 through Openswan. B can ping C but A can't ...
xs2rashid's user avatar
  • 204
0 votes
0 answers
1k views

IPsec VPN with subnet overlapping and NAT

I'm trying to configure, through OpenSwan on a Linux Ubuntu 14.04 the following scenario. It's an interesting configuration and it would be great to understand why I'm failing configuring correctly, ...
Echoes_86's user avatar
  • 173
0 votes
1 answer
2k views

ipsec verify indicates ERRORS "No tunnels up"

I just installed openswan on Ubuntu14. I'm trying to connect to my work's VPN (I have access to the Firewall/VPN btw). When I do a /usr/sbin/ipsec verify I get the following: Checking your system ...
BioRod's user avatar
  • 313
0 votes
1 answer
451 views

IPSEC VPN site-to-"alias"

I am trying to connect my CentOS (CentOS release 6.7) server to a 3rd party VPN so traffic can be routed between my Apache instance listening on an aliased private IP (192.168.253.1), through the ...
user5917373's user avatar
0 votes
0 answers
120 views

Can't connect Cisco 2621 to AWS EC2 Openswan site to site vpn

I am configuring Site-to-Site vpn between my home Cisco 2621 router and Amazon EC2 instance running openswan. I keep on getting the following message on the openswan server: " NO_PROPOSAL_CHOSEN " My ...
user1896576's user avatar
0 votes
0 answers
2k views

OpenSwan VPN IPSEC Tunnel Connection

I was hoping this website would be able to help with solving this issue since I've been running in circles on my end! I am using OpenSwan to setup an IPSec tunnel between a VPN server on Rackspace ...
Nare's user avatar
  • 55
0 votes
1 answer
208 views

Openswan L2TP setup to allow admin user access to AWS VPC

I've got an ssh bastion host, but managing the ssh whitelist is annoying, opening ssh to the world is suboptimal. I'd like to tuck a vpn server in front. Can't get openvpn to stay connected for more ...
jorfus's user avatar
  • 795
0 votes
1 answer
1k views

IPsec VPN between Fortigate 60C and openswan up, but no traffic

I get visual confirmation that the tunnel is working from the fortigate GUI but it also says I don't have 1 byte of traffic. The linux server also confirms the tunnel is open but I can't ping nowhere,...
Julio Villalba's user avatar
0 votes
0 answers
3k views

Site-to site Configuration between OpenSwan and Cisco ASA

I am making a site-to-site vpn connection using amazon ec2 linux and a cisco asa router (please note I do not have access to the router; only the configuration is provided). CISCO ASA CONFIGURATION : ...
Himanshu Singhal's user avatar
0 votes
0 answers
1k views

iptables DNAT packets into an openswan IPSEC tunnel

I have the following network setup: +-----------------------------------+ | | +-------...
Christian Anton's user avatar
0 votes
0 answers
920 views

Openswan malfunction since update

For security reasons I performed an update from a previous version of openswan to U2.6.32/K2.6.18-194.el5 (netkey). Since that moment I've been experiencing constant tunnel drops, I've checked the /...
Alonimus's user avatar
0 votes
0 answers
2k views

OpenSwan IPsec connection drops after 30 seconds

I'm trying to connect from my Linux Mint 16 box to a CloudStack server through IPsec L2TP. Building up the connection works (pings work across the tunnel). However 30 seconds later the IPsec tunnel ...
drcore's user avatar
  • 1