Questions tagged [openswan]
The openswan tag has no usage guidance.
58
questions with no upvoted or accepted answers
4
votes
2
answers
8k
views
subnet-to-subnet libreswan ipsec vpn
I'm configuring a "subnet to subnet VPN" between two Centos 7 server using libreswan.
Each server has two nic as showed in the following image.
I would allow secure communication between the subnets ...
4
votes
0
answers
1k
views
How do I configure OpenSwan to allow pure IPsec (not L2TP) connections from an iPhone?
Similar to this question, I want to configure an IPsec server on Linux which will accept connections from the iPhone. However, unlike the other question, I want to be able to test with pre-shared keys ...
3
votes
0
answers
644
views
OpenSwan IPSec log explanation
I am trying to understand the IPSec logs. Would be really great if someone can help me to understand the main things I look for and how to troubleshoot any ipsec issue. Would be really great of ...
3
votes
0
answers
657
views
Is there an extension of host to host ipsec to a many-many configuration?
Having a typical host to host transport mode ipsec configuration,
conn appserver01-to-swift01
[email protected]
left=10.133.176.246
leftrsasigkey=xxxxxxxxxxxxxxxxxxxxxxxx
...
3
votes
0
answers
573
views
Openswan and sonicwall and encryption parameters
This error leads me to investigate my encryption parameters:
003 "sonicwall" #2: ignoring unknown Vendor ID payload [...]
Can some expert please have a look at tell me what is wrong?
Sonic wall (...
3
votes
1
answer
4k
views
IKE Phase 1 Aggressive Mode exchange does not complete
I've configured a 3G IP Gateway of mine to connect using IKE Phase 1 Aggressive Mode with PSK to my openswan installation running on Ubuntu server 12.04. I've configured openswan as follows:
/etc/...
2
votes
1
answer
162
views
what is the proposal string for aes-gem256 deffie helman group 20, esp
As a developer tasked with connecting to a vpn without preconfigured profile scripts, i'm fumbling through setting up a strongswan ipsec.conf file. My current hurdle is an "invalid proposal ...
2
votes
1
answer
4k
views
Routing between OpenSWAN / IPSEC tunnels
I am trying to connect multiple Amazon VPCs (across regions) together using OpenSWAN and Amazon VGW's. The router instance can ping to hosts in both VPCs, and traffic is attempting to cross the router,...
2
votes
3
answers
11k
views
ipsec: Can't authenticate: no preshared key found for
I'm using Openswan with ipsec and ipsec keeps complaining about the shared-key not being present. I'm running Ubuntu 14.04 .
I'm just experimenting on a couple of internal systems since I'm new to ...
2
votes
0
answers
1k
views
Openswan IPSec VPN on AWS tunnel established but no traffic
I am setting up a tunnel with a telco using AWS/VPC/EC2/Centos7/Libreswan and have been stuck for weeks. Appreciate any help!
I have 192.168.16.73 (VPN GW, EIP 52.76.x.x) and 192.168.16.116 (...
2
votes
0
answers
3k
views
Creating redundant IPSec connections using OpenSwan
I have a linux (netkey) instance with openswan installed, the instance has two connection to the same IPSec peer that needs to act as redundant connections. both connections' properties are the same (...
2
votes
0
answers
305
views
Openswan bad routing record after connect
I have a problem in openswan configuration. In the routing table create following lines on the client, after connect to server:
Dest mask Gateway Conn Metric
0.0.0.0 ...
2
votes
0
answers
754
views
OpenSwan + AWS + Ubuntu 14.04 - Cannot reach server
i'm currently trying to set up a VPN in order to login into a private subnet hosted on AWS.
The target host has Ubuntu 14.04 and installed OpenSwan.
I've setup ipsec.conf, ipsec.secrets, xl2tpd.conf, ...
2
votes
0
answers
2k
views
Is it possible to do IPSec Site to Site VPN without static & public IP on one end?
I am working on a project for my engineering degree that requires me to interface with some pre-existing equipment, so I am rather limited on my options. I'm rather new to VPN and ipsec for that ...
2
votes
0
answers
579
views
IPsec connection established but xl2tpd times out
This may or may not be related to my problem with passing ipsec verify.
I have configured L2TP/IPsec VPN on Ubuntu 13.04 following Ubuntu's community documentation and while IPsec connection seems ...
2
votes
0
answers
13k
views
ipsec IKE phase 1 failure
I have a wireless gateway that supports site-to-site IPSec. I have configured openswan on Ubuntu Server 12.04 (left side of the tunnel) with the following /etc/ipsec.conf:
version 2.0
config setup
...
2
votes
0
answers
278
views
Sending L2tp/IPsec PSK client packets to OpenSwan server
I'm trying (kind of) to create VPN client, I set my server on Ubuntu using OpenSwan (L2tp/IPsec PSK). What I'm doing right now is sending packets to my server and trying to exchange my keys with the ...
1
vote
0
answers
173
views
Trouble with routing on VPN with Openswan IPSec
Good morning, I'm having trouble configuring access to the servers through a VPN. The client can connect to the VPN perfectly, but access to the servers does not work.
The conf of my connection is ...
1
vote
0
answers
812
views
Openswan l2tp vpn ppp wrong ip address
Using Openswan with xl2tp on archlinux (4.20) to connect to a vpn, I can create the tunnel and the ppp interface is created howerver it gets the wrong ip address:
enp4s0: <BROADCAST,MULTICAST,...
1
vote
1
answer
2k
views
How to connect VPN Client Openswan
I have VPN server using Openswan with address 103.19.208.247
Then, i want connect my laptop (CENTOS) with IP 103.19.208.243 to VPN server. Here my configuration:
/etc/ipsec.conf
config setup
...
1
vote
0
answers
127
views
Ubuntu site-to-site VPN with no LAN on one side
A customer requires us to connect to their system via a site-to-site VPN tunnel. ("Client-based VPN solutions are not accepted.") Once the tunnel is established we'll be consuming data over the ...
1
vote
1
answer
3k
views
OpenSwan - IPSec VPN - tunnel established but can't see a specific server there
I have to connect my server to a VPN tunnel thought Internet to see a local server that is on IP 192.168.20.100
Here are IPSec AND IKE settings from server (not mine , I do not own the VPN server)
...
1
vote
0
answers
189
views
OpenSwan and L2TPd traversing secondary gateway
I need some help with a networking project using Linux (RHEL based) and open swan with L2TPd (xl2tpd). While the initial setup works great, I want my VPN traffic to traverse over the secondary ...
1
vote
0
answers
356
views
Why would ping oscillate between receiving bytes and redirects over a VPN?
I have a VPN set up between an Ubuntu 14 VM under fusion on my side and a SonicWall on the other side. The Ubuntu VM is dedicated to the task.
When I ping a remote address, the results are very ...
1
vote
0
answers
2k
views
Docker + VPN LAN to LAN
We just migrated our applications to a Docker environment.
I have many containers running my Python Application in my VM. (4 containers per VM). This is a multi-tenant application.
This application ...
1
vote
0
answers
420
views
Openswan to Cisco ASA IPSec tunnel - specific IP address range required. Netmap?
I'm attempting to set up a VPN tunnel between a Cisco ASA 5520 and an Openswan server running on Ubuntu 14.04 on a Amazon VPC instance. I do not have access to the ASA, and have been given the ...
1
vote
0
answers
121
views
IPsec and pinging rightsubnets
I have been racking my brain about this. I have openswan running and I have been able to get tunnels up. Unfortunately, when I try to ping computers on my right subnet, I am not able to get any ...
1
vote
0
answers
1k
views
Openswan through Amazon VPC Routing to Office Network
Were trying to create a road warrior VPN network. Since the internet in our office is slow, we are running it through a VPC with a replicated AD and File Server. There is currently an Amazon VPC VPN ...
1
vote
0
answers
625
views
openswan IPSEC site to site randomly disconnects on debian server
goodmorning my friends,
this is my situation:
I have two debian servers with static IP connected through a site to site VPN OPENSWAN, everything works like a charm, I can ping the entire lan from any ...
1
vote
1
answer
8k
views
IPSec VPN Fortigate Phase 2 stuck
Trying to setup a VPN connection to Office Fortigate but I can't pass phase
2.
Received info from sysadmins:
PSK
IKE v1
Aggressive mode
Phase1 3DES-SHA1
DH group 5
Key lifetime 28800
XAUTH PAP ...
1
vote
0
answers
412
views
amazon ec2 instance going to a remote ip using openswan tunnel is up but no traffic being established on the remote ip
I having establishing a vpn tunnel to a remote peer/public ip using amazon ec2 openswan. The tunnel is up but no traffic has been seen on our side or the remote side? Is there I been missing? Please ...
1
vote
0
answers
541
views
Openswan and Cisco ASA
i have post this same question on "Unix & Linux" but iv got no answer and will delete from there but ill try here too. I need this as soon as possible to solve it or at least to find out what is ...
1
vote
0
answers
785
views
Openswan ip tunnel not passing traffic
I had this tunnel already working, but now I needed to add two more ips 10.50.240.48/28 and 10.50.96.0/20. I set up my left and right and leftsubnets and rightsubnets properly in the openswan config. ...
1
vote
0
answers
3k
views
Cannot connect to IPSEC/L2TP VPN Arch Linux/Windows 8
I have check a lot of other L2TP/IPsec VPN post and none of them seem to quite match the issues I am having so here is what going on.
I am trying to set up a VPN on my Arch Linux server that I can ...
1
vote
0
answers
1k
views
L2TP & IPSec (OpenSwan) on Centos time out when connecting
I'm having big trouble setting up a very simple VPN. Using Centos 6.
My Server Address : 61.34.26.32 (fictive)
Whenever I try to connect (from iPhone5 or MacOS X) i get a connection timeout.
I ...
0
votes
1
answer
119
views
How to get 2 tunnels UP between OpenSwan and AWS?
I have a VPC and network in eu-central-1 and one in eu-west-1 in AWS.
The eu-central-1 fakes my on-prem environment. There I installed and configured OpenSwan on an EC2. In in eu-west-1 I configured a ...
0
votes
0
answers
194
views
Options for rebuilding OpenSwan box to LibreSwan without downtime?
This is all in an AWS VPC environment.
We have an old Ubuntu 12.04 machine running OpenSwan which is managing a pile of VPN connections. This has worked well for us thus far, but 12.04 is no longer ...
0
votes
0
answers
1k
views
AWS Ubuntu Strongswan IPSec VPN and Iptables configuration tunnel routing
I've muddled up my configuration.
I've setup a site-to-site VPN between an AWS Ubuntu VM running strongswan, and another site.
The VPN tunnel is working, but anytime I try to route traffic through ...
0
votes
1
answer
1k
views
Policy based routing in linux based on destination address.
I am struggling with a scenario. Suppose we have two systems in same subnet A:- 192.168.1.5 and B:-192.168.1.6 where B is further connected with C:-172.22.1.5 through Openswan. B can ping C but A cant ...
0
votes
0
answers
1k
views
IPsec VPN with subnet overlapping and NAT
I'm trying to configure, through OpenSwan on a Linux Ubuntu 14.04 the following scenario.
It's an interesting configuration and it would be great to understand why I'm failing configuring correctly, ...
0
votes
1
answer
2k
views
ipsec verify indicates ERRORS "No tunnels up"
I just installed openswan on Ubuntu14. I'm trying to connect to my work's VPN (I have access to the Firewall/VPN btw). When I do a
/usr/sbin/ipsec verify
I get the following:
Checking your system ...
0
votes
1
answer
451
views
IPSEC VPN site-to-"alias"
I am trying to connect my CentOS (CentOS release 6.7) server to a 3rd party VPN so traffic can be routed between my Apache instance listening on an aliased private IP (192.168.253.1), through the ...
0
votes
0
answers
120
views
Can't connect Cisco 2621 to AWS EC2 Openswan site to site vpn
I am configuring Site-to-Site vpn between my home Cisco 2621 router and Amazon EC2 instance running openswan.
I keep on getting the following message on the openswan server: " NO_PROPOSAL_CHOSEN "
My ...
0
votes
0
answers
2k
views
OpenSwan VPN IPSEC Tunnel Connection
I was hoping this website would be able to help with solving this issue since I've been running in circles on my end!
I am using OpenSwan to setup an IPSec tunnel between a VPN server on Rackspace ...
0
votes
1
answer
208
views
Openswan L2TP setup to allow admin user access to AWS VPC
I've got an ssh bastion host, but managing the ssh whitelist is annoying, opening ssh to the world is suboptimal. I'd like to tuck a vpn server in front.
Can't get openvpn to stay connected for more ...
0
votes
1
answer
1k
views
IPsec VPN between Fortigate 60C and openswan up, but no traffic
I get visual confirmation that the tunnel is working from the fortigate GUI but, it also says i don't have 1 byte of traffic, the linux server also confirms the tunnel is open but i can't ping nowhere,...
0
votes
0
answers
3k
views
Site-to site Configuration between OpenSwan and Cisco ASA
I am making site-to-site vpn connection using amazon ec2 linux and cisco asa router ( please note i donot have access to router only configuration is provided.)
CISCO ASA CONFIGURATION :
...
0
votes
0
answers
1k
views
iptables DNAT packets into an openswan IPSEC tunnel
I have the following network setup:
+-----------------------------------+
| |
+-------...
0
votes
0
answers
920
views
Openswan malfunction since update
For security reasons i performed and update from a previous version of openswan to U2.6.32/K2.6.18-194.el5 (netkey)
Since that moment i've been experiencing constant tunnel drops, i've checked the /...
0
votes
0
answers
2k
views
OpenSwan IPsec connection drops after 30 seconds
I'm trying to connect from my Linux Mint 16 box to a CloudStack server through IPsec L2TP. Building up the connection works (pings work across the tunnel). However 30 seconds later the IPsec tunnel ...