Questions tagged [openswan]

The tag has no usage guidance.

4 votes
1 answer
7k views

VPN ERROR 500 STATE_MAIN_I1, unable to start phase2

I'm trying to set up a site-to-site VPN to a FortiGate 60C from a CentOS 7 with openswan; the error I get every time is the following: 000 #1: "office":500 STATE_MAIN_I1 (sent MI1, expecting MR1); ...
Julio Villalba
1 vote
0 answers
1k views

Openswan through Amazon VPC Routing to Office Network

We're trying to create a road warrior VPN network. Since the internet in our office is slow, we are running it through a VPC with a replicated AD and File Server. There is currently an Amazon VPC VPN ...
David Eisen
0 votes
1 answer
2k views

CentOS 7 ipsec hardware rngd error

ipsec verify Hardware RNG detected, testing if used properly [FAILED] Hardware RNG is present but 'rngd' is not running. No harware random used! Someone suggest to edit /etc/sysconfig/...
Jichao
1 vote
0 answers
625 views

openswan IPSEC site to site randomly disconnects on debian server

Good morning my friends, this is my situation: I have two Debian servers with static IP connected through a site to site VPN OPENSWAN, everything works like a charm, I can ping the entire LAN from any ...
silvered.dragon
0 votes
1 answer
728 views

OpenSwan Dead Peer Detection for Mac WIFI clients

I am running an OpenSwan server to facilitate client-server connections into a secure data centre. I have a problem with the standard L2TP over IPSEC client in MacOS, specifically when using WIFI. ...
Garreth McDaid
1 vote
1 answer
8k views

IPSec VPN Fortigate Phase 2 stuck

Trying to setup a VPN connection to Office Fortigate but I can't pass phase 2. Received info from sysadmins: PSK IKE v1 Aggressive mode Phase1 3DES-SHA1 DH group 5 Key lifetime 28800 XAUTH PAP ...
H.Rabiee
0 votes
0 answers
3k views

Site-to site Configuration between OpenSwan and Cisco ASA

I am making a site-to-site VPN connection using Amazon EC2 Linux and a Cisco ASA router (please note I do not have access to the router; only the configuration is provided). CISCO ASA CONFIGURATION : ...
Himanshu Singhal
4 votes
2 answers
8k views

subnet-to-subnet libreswan ipsec vpn

I'm configuring a "subnet to subnet VPN" between two CentOS 7 servers using libreswan. Each server has two NICs as shown in the following image. I would allow secure communication between the subnets ...
NoNoNo
0 votes
0 answers
1k views

iptables DNAT packets into an openswan IPSEC tunnel

I have the following network setup: +-----------------------------------+ | | +-------...
Christian Anton
1 vote
0 answers
412 views

amazon ec2 instance going to a remote ip using openswan tunnel is up but no traffic being established on the remote ip

I having establishing a vpn tunnel to a remote peer/public ip using amazon ec2 openswan. The tunnel is up but no traffic has been seen on our side or the remote side? Is there I been missing? Please ...
Edmar
0 votes
0 answers
920 views

Openswan malfunction since update

For security reasons I performed an update from a previous version of openswan to U2.6.32/K2.6.18-194.el5 (netkey). Since that moment I've been experiencing constant tunnel drops; I've checked the /...
Alonimus
2 votes
2 answers
2k views

How to deny connections to xl2tp without ipsec encryption?

I try to setup l2tp+ipsec server for my mobile use and my home router use. So I made some setup and checked it works fine from android device. I see encryption on ipsec --status. My system is CentOS ...
Insspb
1 vote
0 answers
541 views

Openswan and Cisco ASA

I have posted this same question on "Unix & Linux" but I've got no answer and will delete it from there, but I'll try here too. I need this as soon as possible to solve it or at least to find out what is ...
IvanCD
0 votes
1 answer
104 views

IP Addresses over IPSec

I've got four hosts setup as follows: I've got an IPSec tunnel via OpenSwan over the internet between Servers B and C. Servers A and D are configured to route traffic to the other via B and C ...
Alex
1 vote
1 answer
1k views

Clients cannot connect to L2TP server on Ubuntu 12.04 & 14.04 LTS

I am trying to set up a L2TP/IPSec server on AWS with instance running Ubuntu 14.04LTS. I followed the instructions that I found here : https://raymii.org/s/tags/vpn.html. I tried to use 12.04LTS ...
CK Tan
2 votes
0 answers
3k views

Creating redundant IPSec connections using OpenSwan

I have a linux (netkey) instance with openswan installed, the instance has two connection to the same IPSec peer that needs to act as redundant connections. both connections' properties are the same (...
Amir
1 vote
0 answers
785 views

Openswan ip tunnel not passing traffic

I had this tunnel already working, but now I needed to add two more ips 10.50.240.48/28 and 10.50.96.0/20. I set up my left and right and leftsubnets and rightsubnets properly in the openswan config. ...
JohnMerlino
1 vote
1 answer
452 views

IPsec VPN Site-to-Site: Unable to reach hosts on same subnet as gateway

I am trying to bridge an office network with an Amazon VPC cloud network. So far everything seems to be working, except that I cannot reach servers on the same subnet as the cloud gateway. Office ...
whynotacarrot
0 votes
0 answers
2k views

OpenSwan IPsec connection drops after 30 seconds

I'm trying to connect from my Linux Mint 16 box to a CloudStack server through IPsec L2TP. Building up the connection works (pings work across the tunnel). However 30 seconds later the IPsec tunnel ...
drcore
5 votes
1 answer
12k views

Site-to-Site IPsec vpn not sending ping across a tunnel

This is my first attempt at a site-to-site VPN. I chose to use IPsec because it appeared to be the best solution for what I needed to accomplish. I've followed several different tutorials over the last ...
autisticgeek
1 vote
0 answers
3k views

Cannot connect to IPSEC/L2TP VPN Arch Linux/Windows 8

I have checked a lot of other L2TP/IPsec VPN posts and none of them seem to quite match the issues I am having, so here is what's going on. I am trying to set up a VPN on my Arch Linux server that I can ...
angellusmortis
-1 votes
1 answer
1k views

Openswan and OpenVPN

I have installed Openswan and have configured IPSec tunnels and they work perfectly until I install OpenVPN. Now I can't find out why the ping won't work. When I execute the "service ipsec status" it ...
IvanCD
0 votes
1 answer
455 views

VPN and router pass-through

I have been having trouble with VPN on my router, so I thought that since it allowed VPN Pass-through, I would set up a VPN server on an Ubuntu box here, and pass through to that. I have set up PPTP, ...
Brett
2 votes
0 answers
305 views

Openswan bad routing record after connect

I have a problem in openswan configuration. In the routing table create following lines on the client, after connect to server: Dest mask Gateway Conn Metric 0.0.0.0 ...
user218547
3 votes
0 answers
573 views

Openswan and sonicwall and encryption parameters

This error leads me to investigate my encryption parameters: 003 "sonicwall" #2: ignoring unknown Vendor ID payload [...] Can some expert please have a look at tell me what is wrong? Sonic wall (...
jcalfee314
2 votes
0 answers
754 views

OpenSwan + AWS + Ubuntu 14.04 - Cannot reach server

I'm currently trying to set up a VPN in order to login into a private subnet hosted on AWS. The target host has Ubuntu 14.04 and installed OpenSwan. I've setup ipsec.conf, ipsec.secrets, xl2tpd.conf, ...
nbriozzo
2 votes
0 answers
2k views

Is it possible to do IPSec Site to Site VPN without static & public IP on one end?

I am working on a project for my engineering degree that requires me to interface with some pre-existing equipment, so I am rather limited on my options. I'm rather new to VPN and ipsec for that ...
BobTuckerman
3 votes
1 answer
6k views

Openswan Cisco ASA 9.1 -- cannot respond to IPsec SA request because no connection is known for

Ok, so I have a simple VPN IPSEC setup with a single Linux host that has a public IP address and a loopback interface of 172.16.255.1. On the right side I have a Cisco ASA 5505 9.1. the issue is the ...
Jim
0 votes
1 answer
3k views

Openswan is not sending packets on new ip after DPD

I have configured a tunnel with DDNS. After the appliance gets rebooted the other side is not sending packets on the new ip-address (even though I have set dpdaction=restart). I am using openswan 2.6.38. Here is my ...
Brijesh Valera
1 vote
1 answer
3k views

Strongswan with X.509 authentication and LDAP authorization

I would like to setup Strongswan/Libreswan with PKI authentication. Now I have searched and found only how to configure specific accepted client certificates like here: http://technikenity.blogspot....
MemCtrl
3 votes
1 answer
2k views

L2TP VPN Connection on Debian Squeeze

I need to make an L2TP VPN connection from a Debian Squeeze server. What I have is: The server IP address Shared Key My username and password Just using these 3 parameters I can establish the VPN ...
Lashae
0 votes
0 answers
987 views

Debugging IPSEC log

A Fortigate unit and a Openswan based Linux server. Tunnel is up but no data goes through. This is the log from the Forti unit: Line 204: ike 0:Brazil_VPN:2803378:19809969: responder received first ...
JustAGuy
3 votes
3 answers
15k views

openswan multiple subnets routing issue

I am trying to setup an OpenSwan(2.6.32) on CentOS 6.5 (final) to connect the remote VPC gateway on Amazon cloud. I got the tunnel up. However, only the traffic from/to the last ip range defined in ...
user2413287
0 votes
0 answers
102 views

Iptables being changed without rebooting

I configured a tunnel between my network and a remote network with OpenSwan. On my tunnel endpoint, running on Ubuntu, I added iptables rules to disable source NAT (SNAT) when the destination was the ...
mdef
0 votes
0 answers
2k views

l2tp vpn is disconnected after few minutes

I installed IPSec/L2TP on my vps server. I tried to connect from my mac to this VPN server. First time, connection is succeeded. But after a few minutes, connection was broken by itself. After this,...
Albert
2 votes
1 answer
8k views

How do I configure routing for an IPSEC tunnel between Openswan and RouterOS

I am trying to create a site-to-site VPN between a Linux router that runs openswan and shorewall (host A, serving subnet 10.10.0.0/16) and a MikroTek RouterBoard running RouterOS 6.3 (host B, serving ...
dorian
-1 votes
1 answer
272 views

Openswan stopped writing to /var/log/secure after log deletion

I deleted the log intentionally but it seems like Openswan is not creating a new one on its own. I tried restarting the service or even creating an empty file. Nothing works. What can I do besides ...
JustAGuy
2 votes
0 answers
579 views

IPsec connection established but xl2tpd times out

This may or may not be related to my problem with passing ipsec verify. I have configured L2TP/IPsec VPN on Ubuntu 13.04 following Ubuntu's community documentation and while IPsec connection seems ...
Damn Terminal
1 vote
2 answers
14k views

Openswan + xl2tpd connections time out after a while

I have a non-NATed Openswan+xl2tpd server (Ubuntu 12.04), to which I connect with a Windows 8 behind NAT. The client loses its connection after a while of doing nothing (between 30 and 60 minutes, but ...
Halfgaar
2 votes
1 answer
9k views

Configure ipsec vpn tunnel (network to network with IKE with preshared key) on Centos 6 with openswan

I have Cisco Linksys router configured as VPN gateway (network to network) : Now I wanna configure ipsec VPN similarly on Centos 6 with openswan. I was looking in internet but have no luck (there are ...
B14D3
0 votes
1 answer
3k views

Translating IPTables rule to UFW

We are using an Ubuntu 12.04 x64 LTS VPS. Firewall being used is UFW. I have setup a Varnish + LEMP setup, along with other things, including an Openswan IPSEC VPN from our office to the VPS data ...
Dario Fumagalli
6 votes
1 answer
3k views

IPSec + L2TP + NAT-Traversal does not work for multiple clients behind same nat

I have recently configured a VPN server hosted in AWS EC2. Details: CentOS 6.4, openswan, xl2tpd, NAT-traversal. The configuration works great for a scenario when only one user connects from a given ...
Fentik
4 votes
2 answers
20k views

Openswan tunnel up, but works only in one direction

I've successfully established an IPsec connection, but it works only partially. One side does not send out packets through the tunnel. It seems as if the network topology is unclear to this side. ...
grasbueschel
0 votes
1 answer
8k views

IPSEC Tunnel with OpenSwan on Ubuntu <-> CISCO Router

I have setup a tunnel between a UBUNTU SERVER linux box and a CISCO ROUTER. This is what's the topology looks like: host 1 ------ UBUNTU SERVER IPSEC <---> CISCO ROUTER ------ host 2 | ...
Pablo Santa Cruz
1 vote
2 answers
4k views

Openswan tunnel to remote public NAT'd host

Need help on this VPN set-up to work. Left-hand. EC2: eth0:10.0.0.100/EIP=1.1.1.1 (ie. NAT'd IP) eth1:10.0.0.200/EIP=2.2.2.2 Peer ip/leftid: 1.1.1.1 Right-hand. Cisco: Peer ip: 3.3.3.3 Peer ...
dcvpn
0 votes
1 answer
162 views

L2TP/IPSec Connectivity Problems

We are trying to establish a VPN to our office. We successfully configured a Debian server using openswan and xl2tpd. We test the connection on the local network, and established a VPN connection with the ...
EsteveBlanch
0 votes
1 answer
156 views

Configuring IPSec

If you look at my previous question, you'll see that I have two IP Addresses (for the remote device), to configuring our VPN Tunnel: VPN Device Tunnel Endpoint IP Address: 91.151.a.b Host(s): IP ...
Mahdi
6 votes
3 answers
26k views

Simple L2TP/IPsec server not working (openswan, xl2tpd, Ubuntu, Windows)

I configured openswan and xl2tpd on an Ubuntu 12.04 server (on EC2) by following various tutorials/documentation which seem to largely say the same things, but most recently this one. However, my ...
xyzzyrz
7 votes
1 answer
22k views

Can't get past "pending Phase 2" on OpenSWAN <-> ISA Server IPSec VPN

The issue: I'm having quite a hard time configuring OpenSWAN on my Linux server (Ubuntu 12.04) to connect to an ISA Server 2004 IPSec VPN. There is apparently something wrong in the configuration that ...
GomoX
2 votes
1 answer
13k views

openswan and xl2tpd tunnel not working?

For weeks I have wanted to set up an l2tp tunnel with xl2tpd and openswan in Debian Wheezy; the external interface is ppp0 with a dynamic IP and the internal interface is eth0 with IP address 192.168.1.1. l2tp ...
shams