Questions tagged [openswan]
The openswan tag has no usage guidance.
130
questions
4
votes
1
answer
7k
views
VPN ERROR 500 STATE_MAIN_I1, unable to start phase2
i'm trying to set up a site to site vpn to a fortigate 60c from a CentOS 7 with openswan, the error i get everytime is the following
000 #1: "office":500 STATE_MAIN_I1 (sent MI1, expecting MR1);
...
1
vote
0
answers
1k
views
Openswan through Amazon VPC Routing to Office Network
Were trying to create a road warrior VPN network. Since the internet in our office is slow, we are running it through a VPC with a replicated AD and File Server. There is currently an Amazon VPC VPN ...
0
votes
1
answer
2k
views
CentOS 7 ipsec hardware rngd erorr
ipsec verify
Hardware RNG detected, testing if used properly
[FAILED]
Hardware RNG is present but 'rngd' is not running. No harware
random used!
Someone suggest to edit /etc/sysconfig/...
1
vote
0
answers
625
views
openswan IPSEC site to site randomly disconnects on debian server
goodmorning my friends,
this is my situation:
I have two debian servers with static IP connected through a site to site VPN OPENSWAN, everything works like a charm, I can ping the entire lan from any ...
0
votes
1
answer
728
views
OpenSwan Dead Peer Detection for Mac WIFI clients
I am running an OpenSwan server to facilitate client-server connections into a secure data centre.
I have a problem with the standard L2TP over IPSEC client in MacOS, specifically when using WIFI.
...
1
vote
1
answer
8k
views
IPSec VPN Fortigate Phase 2 stuck
Trying to setup a VPN connection to Office Fortigate but I can't pass phase
2.
Received info from sysadmins:
PSK
IKE v1
Aggressive mode
Phase1 3DES-SHA1
DH group 5
Key lifetime 28800
XAUTH PAP ...
0
votes
0
answers
3k
views
Site-to site Configuration between OpenSwan and Cisco ASA
I am making site-to-site vpn connection using amazon ec2 linux and cisco asa router ( please note i donot have access to router only configuration is provided.)
CISCO ASA CONFIGURATION :
...
4
votes
2
answers
8k
views
subnet-to-subnet libreswan ipsec vpn
I'm configuring a "subnet to subnet VPN" between two Centos 7 server using libreswan.
Each server has two nic as showed in the following image.
I would allow secure communication between the subnets ...
0
votes
0
answers
1k
views
iptables DNAT packets into an openswan IPSEC tunnel
I have the following network setup:
+-----------------------------------+
| |
+-------...
1
vote
0
answers
412
views
amazon ec2 instance going to a remote ip using openswan tunnel is up but no traffic being established on the remote ip
I having establishing a vpn tunnel to a remote peer/public ip using amazon ec2 openswan. The tunnel is up but no traffic has been seen on our side or the remote side? Is there I been missing? Please ...
0
votes
0
answers
920
views
Openswan malfunction since update
For security reasons i performed and update from a previous version of openswan to U2.6.32/K2.6.18-194.el5 (netkey)
Since that moment i've been experiencing constant tunnel drops, i've checked the /...
2
votes
2
answers
2k
views
How to deny connections to xl2tp without ipsec encryption?
I try to setup l2tp+ipsec server for my mobile use and my home router use.
So I made some setup and checked it works fine from android device. I see encryption on ipsec --status.
My system is CentOS ...
1
vote
0
answers
541
views
Openswan and Cisco ASA
i have post this same question on "Unix & Linux" but iv got no answer and will delete from there but ill try here too. I need this as soon as possible to solve it or at least to find out what is ...
0
votes
1
answer
104
views
IP Addresses over IPSec
I've got four hosts setup as follows:
I've got an IPSec tunnel via OpenSwan over the internet between Servers B and C. Servers A and D are configured to route traffic to the other via B and C ...
1
vote
1
answer
1k
views
Clients cannot connect to L2TP server on Ubuntu 12.04 & 14.04 LTS
I am trying to set up a L2TP/IPSec server on AWS with instance running Ubuntu 14.04LTS. I followed the instructions that I found here : https://raymii.org/s/tags/vpn.html.
I tried to use 12.04LTS ...
2
votes
0
answers
3k
views
Creating redundant IPSec connections using OpenSwan
I have a linux (netkey) instance with openswan installed, the instance has two connection to the same IPSec peer that needs to act as redundant connections. both connections' properties are the same (...
1
vote
0
answers
785
views
Openswan ip tunnel not passing traffic
I had this tunnel already working, but now I needed to add two more ips 10.50.240.48/28 and 10.50.96.0/20. I set up my left and right and leftsubnets and rightsubnets properly in the openswan config. ...
1
vote
1
answer
452
views
IPsec VPN Site-to-Site: Unable to reach hosts on same subnet as gateway
I am trying to bridge an office network with an Amazon VPC cloud network. So far everything seems to be working, except that I cannot reach servers on the same subnet as the cloud gateway.
Office ...
0
votes
0
answers
2k
views
OpenSwan IPsec connection drops after 30 seconds
I'm trying to connect from my Linux Mint 16 box to a CloudStack server through IPsec L2TP. Building up the connection works (pings work across the tunnel). However 30 seconds later the IPsec tunnel ...
5
votes
1
answer
12k
views
Site-to-Site IPsec vpn not sending ping across a tunnel
This is my first attempt at a site-to-site VPN. I chose to use IPec because it appeared to be the best solution for what I needed to accomplish. I've followed several different tutorials over the last ...
1
vote
0
answers
3k
views
Cannot connect to IPSEC/L2TP VPN Arch Linux/Windows 8
I have check a lot of other L2TP/IPsec VPN post and none of them seem to quite match the issues I am having so here is what going on.
I am trying to set up a VPN on my Arch Linux server that I can ...
-1
votes
1
answer
1k
views
Openswan and OpenVPN
I have installed Openswan and have configured IPSec tunnels and they work perfect until i install OpenVPN. Now i can't find out way the ping wont work.
When i execute the "service ipsec status" it ...
0
votes
1
answer
455
views
VPN and router pass-through
I have been having trouble with VPN on my router, so I thought that since it allowed VPN Pass-through, I would set up a VPN server on an Ubuntu box here, and pass through to that.
I have set up PPTP, ...
2
votes
0
answers
305
views
Openswan bad routing record after connect
I have a problem in openswan configuration. In the routing table create following lines on the client, after connect to server:
Dest mask Gateway Conn Metric
0.0.0.0 ...
3
votes
0
answers
573
views
Openswan and sonicwall and encryption parameters
This error leads me to investigate my encryption parameters:
003 "sonicwall" #2: ignoring unknown Vendor ID payload [...]
Can some expert please have a look at tell me what is wrong?
Sonic wall (...
2
votes
0
answers
754
views
OpenSwan + AWS + Ubuntu 14.04 - Cannot reach server
i'm currently trying to set up a VPN in order to login into a private subnet hosted on AWS.
The target host has Ubuntu 14.04 and installed OpenSwan.
I've setup ipsec.conf, ipsec.secrets, xl2tpd.conf, ...
2
votes
0
answers
2k
views
Is it possible to do IPSec Site to Site VPN without static & public IP on one end?
I am working on a project for my engineering degree that requires me to interface with some pre-existing equipment, so I am rather limited on my options. I'm rather new to VPN and ipsec for that ...
3
votes
1
answer
6k
views
Openswan Cisco ASA 9.1 -- cannot resopnd to IPsec SA request because no connection is known for
Ok, so I have a simple VPN IPSEC setup with a single Linux host that has a public IP address and a loopback interface of 172.16.255.1. On the right side I have a Cisco ASA 5505 9.1. the issue is the ...
0
votes
1
answer
3k
views
Openswan is not sending packets on new ip after DPD
I have configured tunnel with DDNS. After appliance get rebooted the other side is not sending packets on new ip-address (even i have set dpdaction=restart).
I am using openswan 2.6.38.
Here is my ...
1
vote
1
answer
3k
views
Strongswan with X.509 authentication and LDAP authorization
I would like to setup Strongswan/Libreswan with PKI authentication. Now I have searched and found only how to configure specific accepted client certificates like here: http://technikenity.blogspot....
3
votes
1
answer
2k
views
L2TP VPN Connection on Debian Squeeze
I need to make an L2TP VPN connection from a Debian Squeeze server.
What I have is:
The server IP address
Shared Key
My username and password
Just using these 3 parameteres I can establish the VPN ...
0
votes
0
answers
987
views
Debugging IPSEC log
A Fortigate unit and a Openswan based Linux server.
Tunnel is up but no data goes through.
This is the log from the Forti unit:
Line 204: ike 0:Brazil_VPN:2803378:19809969: responder received first ...
3
votes
3
answers
15k
views
openswan multiple subnets routing issue
I am trying to setup an OpenSwan(2.6.32) on CentOS 6.5 (final) to connect the remote VPC gateway on Amazon cloud. I got the tunnel up. However, only the traffic from/to the last ip range defined in ...
0
votes
0
answers
102
views
Iptables being changed without rebooting
I configured a tunnel between my network and a remote network with OpenSwan. On my tunnel endpoint, running on Ubuntu, I added iptables rules to disable source NAT (SNAT) when the destination was the ...
0
votes
0
answers
2k
views
l2tp vpn is disconnected after few minutes
I installed IPSec/L2TP on my vps server.
I tried to connect from my mac to this VPN server.
First time, connection is succeeded. But after a few minutes, connection was broken by itself.
After this,...
2
votes
1
answer
8k
views
How do I configure routing for an IPSEC tunnel between Openswan and RouterOS
I am trying to create a site-to-site VPN between a Linux router that runs openswan and shorewall (host A, serving subnet 10.10.0.0/16) and a MikroTek RouterBoard running RouterOS 6.3 (host B, serving ...
-1
votes
1
answer
272
views
Openswan stopped writing to /var/log/secure after log deletion
I deleted the log intentionally but it seems like Openswan is not creating a new one on it's own. I tried restarting the service or even creating an empty file. Nothing works.
What can I do besides ...
2
votes
0
answers
579
views
IPsec connection established but xl2tpd times out
This may or may not be related to my problem with passing ipsec verify.
I have configured L2TP/IPsec VPN on Ubuntu 13.04 following Ubuntu's community documentation and while IPsec connection seems ...
1
vote
2
answers
14k
views
Openswan + xl2tpd connections time out after a while
I have a non-NATed Openswan+xl2tpd server (Ubuntu 12.04), to which I connect with a Windows 8 behind NAT. The client loses its connection after a while of doing nothing (between 30 and 60 minutes, but ...
2
votes
1
answer
9k
views
Configure ipsec vpn tunnel (network to network with IKE with preshared key) on Centos 6 with openswan
I have Cisco Linksys router configured as VPN gateway (network to network) :
Now I wanna configure ipsec VPN similarly on Centos 6 with openswan. I was looking in internet but have no luck (there are ...
0
votes
1
answer
3k
views
Translating IPTables rule to UFW
we are using an Ubuntu 12.04 x64 LTS VPS. Firewall being used is UFW.
I have setup a Varnish + LEMP setup. along with other things, including an Openswan IPSEC VPN from our office to the VPS data ...
6
votes
1
answer
3k
views
IPSec + L2TP + NAT-Traversal does not work for multiple clients behind same nat
I have recently configured a VPN server hosted in AWS EC2.
Details: Centos 6.4, openswan, xl2tpd, NAT-traversal.
The configuration works great for a scenario when only one user connects form a given ...
4
votes
2
answers
20k
views
Openswan tunnel up, but works only in one direction
I've successfully established an IPsec connection, but it works only partially. One side does not send out packets through the tunnel. It seems as if the network topology is unclear to this side.
...
0
votes
1
answer
8k
views
IPSEC Tunnel with OpenSwan on Ubuntu <-> CISCO Router
I have setup a tunnel between a UBUNTU SERVER linux box and a CISCO ROUTER.
This is what's the topology looks like:
host 1 ------ UBUNTU SERVER IPSEC <---> CISCO ROUTER ------ host 2
| ...
1
vote
2
answers
4k
views
Openswan tunnel to remote public NAT'd host
Need help on this VPN set-up to work.
Left-hand. EC2:
eth0:10.0.0.100/EIP=1.1.1.1 (ie. NAT'd IP)
eth1:10.0.0.200/EIP=2.2.2.2
Peer ip/leftid: 1.1.1.1
Right-hand. Cisco:
Peer ip: 3.3.3.3
Peer ...
0
votes
1
answer
162
views
L2TP/IPSec Conectivity Problems
We ar traying to establish a VPN to our office.
We sucesful configured a debian server using openswan and lx2tpd.
We test the conection on the local network, and established a VPN conection with the ...
0
votes
1
answer
156
views
Configuring IPSec
If you look at my previous question, you'll see that I have two IP Addresses (for the remote device), to configuring our VPN Tunnel:
VPN Device Tunnel Endpoint IP Address: 91.151.a.b
Host(s): IP ...
6
votes
3
answers
26k
views
Simple L2TP/IPsec server not working (openswan, xl2tpd, Ubuntu, Windows)
I configured openswan and xl2tpd on an Ubuntu 12.04 server (on EC2) by following various tutorials/documentation which seem to largely say the same things, but most recently this one.
However, my ...
7
votes
1
answer
22k
views
Can't get past "pending Phase 2" on OpenSWAN <-> ISA Server IPSec VPN
The issue
I´m having quite a hard time configuring OpenSWAN on my Linux server (Ubuntu 12.04) to connect to an ISA Server 2004 IPSec VPN. There is apparently something wrong in the configuration that ...
2
votes
1
answer
13k
views
openswan and xl2tpd tunnel not working?
Since weeks i want to setup l2tp tunnel with xl2tpd and openswan in debian wheezy, the external interface is ppp0 with dynamic ip and the internal interface is eth0 with ip address 192.168.1.1.
l2tp ...