Skip to main content

Questions tagged [ipsec]

IPSec is a method to provide internet security over the layer 3 of the OSI model.

121 questions with no upvoted or accepted answers
Filter by
Sorted by
Tagged with
6 votes
0 answers
882 views

Forward IPsec tunnel from IPv4 endpoint to IPv6 endpoint

I have a new ISP and only have a Dual Stack - lite connection now. That means I can't access my router via IPv4 anymore, since the external IPv4 address is private. I have native IPv6 connectivity. ...
Jonathan's user avatar
  • 161
5 votes
0 answers
6k views

How do I configure DD-WRT to forward IPSec traffic to an internal server to support a road warrior configuration?

I use dd-wrt as my home router setup and that's been working fine. Now I wanted to figure out a way to be able to use my iPad to set up a IPSec tunnel to my home network while I'm on the road. PPTP ...
jnman's user avatar
  • 193
4 votes
1 answer
3k views

L2TP/IPSec On Mac Failed to connect

I am connecting to a VPN Server set up following instructions in https://github.com/hwdsl2/setup-ipsec-vpn And I setup the clients following https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/...
addlistener's user avatar
4 votes
0 answers
29k views

Can someone help me understand ALG and VPN settings on my router?

I'm looking at the settings in my TP-LINK WDR4300 router and noticed settings for VPN passthrough and ALG. Every single option is enabled but I am hoping someone can help me understand these settings ...
user avatar
3 votes
0 answers
769 views

How to selectively route traffic for Cisco IPSec on macOS Mojave?

I am working from home and have to be connected to our Cisco VPN to access certain websites, such as self-hosted GitHub. Is there away to configure the VPN to only be used for self-hosted GitHub and ...
bsarrazin's user avatar
  • 131
3 votes
0 answers
1k views

How can I set an IPsec ID using the Windows 8 built-in VPN client?

I'm trying to connect to a VPN using the built in Windows 8 VPN client. The VPN uses L2TP/IPsec and a pre-shared key. I can see it's connecting to the VPN but not making it through authentication. I ...
rtf's user avatar
  • 12.8k
3 votes
0 answers
2k views

Shrew Soft VPN Client - Negotiation timout

I am having an issue running Shrew Soft VPN Client on Windows 7 Pro x64. While trying to resolve this issue I have disabled miniport adapters like a lot of websites say to do however this hasn't ...
Rambomst's user avatar
  • 193
2 votes
0 answers
2k views

Troubleshooting VPN connection with Wireshark by decrypting IPSec packets

I'm having troubling establishing a VPN connection to a specific network and I'm not the only one having issues. As per their instructions, I'm using the standard VPN client built in windows with pre-...
Fedor Alexander Steeman's user avatar
2 votes
0 answers
891 views

xl2tpd-control command not working

I have an cisco vpn server which which i am trying to connect an endpoint through VPN(IPsec/L2TP). I have strongswan, xl2tpd and pppd running on my machine. IPsec conection is established successfully ...
Vikash Srivastava's user avatar
2 votes
1 answer
436 views

How can I automatically connect to a VPN if I connect to a specific Wi-Fi network on Windows 10?

I have set up an IKEv2 VPN connection with Windows 10. How can I automatically connect to this VPN if my laptop connects to a specific Wi-Fi network?
ezmil's user avatar
  • 21
2 votes
0 answers
2k views

Issue with setting up IPSec VPN in host-to-network mode

I have set up IPSec VPN using OpenSwan on CentOS 6.5. But not able to get the tunnel up and running. When site B tries to ping my VPS (site A), they get following error: Feb 26 11:33:59 [IKEv1 DEBUG]...
Suraj's user avatar
  • 21
2 votes
0 answers
966 views

Cisco RV180 ipsec vpn to mac os x 10.8.2 default client Configuration

I would like to configure an IPSec VPN tunnel between my RV180 (server, last firmware) and my Mac OSX 10.8.2 laptop. I have little knowledge about VPN, and a bit more about network in general. I have ...
soleshoe's user avatar
  • 121
2 votes
1 answer
2k views

Is it possible to set up IPSec on a linux virtual machine host to connect to an Azure virtual network

We run some virtual machines in an onsite Ubuntu based server with guests being a mixture of Windows Server and Ubuntu. We're also setting up some Windows Azure virtual machines and ideally would like ...
tooba's user avatar
  • 53
1 vote
0 answers
36 views

Routing specific subnet through a local peer

I have two (almost identical) Ubuntu machines with the local IP of 10.0.0.10 and 10.0.0.20, let's call them TEN and TWENTY respectively. Both have the default gateway of 10.0.0.1. On TEN I have a site-...
0s r Fun's user avatar
1 vote
0 answers
27 views

Using remore office local internet

I bought two routers (DrayTek Vigor 2866ax) to connect offices in different countries. The problem we have is we need to use internet of other country to connect to our bank accounts and local ...
James Lee's user avatar
1 vote
0 answers
289 views

Configuring IPsec idle timeout on Windows

I am experimenting with built-in Windows IPsec functionality (advfirewall Connection Security Rules method) against an embedded Strongswan server. I have observed the following behavior: Phase 2 (...
theultramage's user avatar
1 vote
0 answers
38 views

Trying to find out the best possible network setup to allow IPSec tunneling between networks through Cisco router and DreyTek network device

I'm trying to find out the best possible network setup for my test SOHO network. My goal is to create a create IPSec tunnel between my network (192.168.68.0/24) and a remote network. The main reason I ...
Hasan Mahmood's user avatar
1 vote
0 answers
388 views

StrongSwan 5.9.1 (Debian Bullseye): Traffic from IPsec tunnel gets forwarded via Ethernet, but not via bridge

The following problem: I have a server that is, in addition to other tasks not relevant for the problem at hand, supposed to act as an IPsec gateway. When I'm using the Ethernet interface pointing to ...
Robidu's user avatar
  • 265
1 vote
1 answer
1k views

Strongswan VPN certificate authentication failed

I've installed strongswan vpn on my ubuntu server. Set up certificate authentication. I've set up my android-phone and it works fine. But connection didn't established on the windows machine. I copied ...
user18848352's user avatar
1 vote
0 answers
2k views

iptables to nftables for iKEv2 IPSEC VPN server

Can someone please help in converting the below iptable rules to equivalent nftables rules? I have already tried to use iptables-translate, but it is not translating all of my rules... # accept ports ...
user2837961's user avatar
1 vote
0 answers
117 views

firewalld: Block non-ESP packets on interface in GNU/Linux similar to OpenBSD

I am trying to "enforce" IPSec (StrongSwan) traffic on openSUSE. On OpenBSD, with the IKE daemon iked and the packet filter pf, I employ a ruleset like the following, to ensure only ...
gecko's user avatar
  • 26
1 vote
0 answers
163 views

IPsec and private IP

I'm creating an IPsec / L2TP network and I want to have one server and multiple clients. On each client, the only way I got IPsec to work properly was to set the IP of the interface that will host the ...
DBCL's user avatar
  • 33
1 vote
1 answer
1k views

macos ipsec vpn not using proper dns servers

I've read several articles on DNS resolution over IPSEC using the native VPN client for macos but I can't seem to resolve the issue. The ISPEC server is pfSense. I have added the proper DNS servers ...
Gary Smith's user avatar
1 vote
0 answers
65 views

IPSec Phase 2 Configuration For Translated Subnets?

I have two networks with the 10.0.0.0/8 subnet I'm trying to connect via IPSec tunnels. I have the phase 1 configurations working but am a bit stuck on the phase 2 configurations. Each firewall used ...
CoryG's user avatar
  • 314
1 vote
1 answer
5k views

Use Own VPN Server on Google Chrome Browser

I'm looking a way to connect Internet through my VPN server while browsing from Google Chrome Browser. I though best way is use an extension but I couldn't find any extension that let me enter my own ...
tatoline's user avatar
  • 623
1 vote
0 answers
3k views

How to setup IPSec VPN between PFSense and Edgerouter X

We have 2 routers/firewalls, 1x pfSense and 1x UBNT Edgerouter X. I tried to setup an IPsec site-to-site connection between these 2 but i cannot get it done. I followed multiple "tutorials"/...
CodeNinja's user avatar
  • 133
1 vote
0 answers
131 views

How to configure pfsense to use VPN as gateway for OPT port only?

Currently I have set up my PfSense SG-1100 to function as a site to site VPN. I have an unused OPT port on my router and I want to attach that to a switch and have it function as the gateway to the ...
Devan's user avatar
  • 11
1 vote
0 answers
240 views

Linux ShrewSoft client connects but doesn't pass any traffic

A customer recently changed their VPN server and now recommends ShrewSoft as the appropriate client. On Windows, the provided config works. On Linux, it also appears to connect and sets up a tap0 ...
Sören Kuklau's user avatar
1 vote
0 answers
109 views

IPSEC connection between SIP Client and PCSCF. ESP header does not appear. IPsec does not apply to the header

I wanted to create SIPP script to create scenario to establish IPSEC connection between UE and PCSCF using below; For example:- setkey -c << EOF spdadd $pcscf/32[$port_pc] $ue/32[$port_us] tcp ...
rizwan alam's user avatar
1 vote
0 answers
35 views

Is it possible to skip main mode for IPSec communication on Windows?

On Linux, after registered several SAs (Security Associations) between a pair of Linux host, I can create communication between those two Linux hosts, i.e, communicate with ESP packets. But on ...
gzh's user avatar
  • 111
1 vote
1 answer
3k views

L2TP / IPSec couldn't look up L2TP VPN gateway IP address (CentOS 7)

I'm trying to connect to VPN from CentOS 7. I have network-manager-l2tp installed (1.2.10). The output I'm getting: Mar 18 23:46:43 localhost NetworkManager[4790]: <info> [1552949203.6892] vpn-...
Incl's user avatar
  • 11
1 vote
0 answers
2k views

Configure a Linux client for a Windows VPN

I am trying to connect from my personal Arch Linux laptop to my office's windows server VPN. I have followed the instructions of the Arch wiki but I cannot get the IPSec tunnel to connect. The ...
Jacques Gaudin's user avatar
1 vote
0 answers
3k views

Strongswan, how to configure ipsec site-to-site using psk?

I'm setting up ipsec site-to-site VPN connection (with pre-shared key auth method). However I'm unsure of the correct values to put in ipsec.conf. vpn server ip - xx.45.40.46 encryption algorithm - ...
Fred joe's user avatar
1 vote
0 answers
1k views

Getting Timeout when connecting to StrongSwan IPSec

I've tried to set up a Root Server in the public Internet with StrongSwan to use it as a VPN Server. Plan is to tunnel all Internet Traffic for some devices via this server. I've also set up an ...
Nils Rehwald's user avatar
1 vote
0 answers
555 views

Strongswan ikev2: https stops working on client when connected to vpn server

I have set up strongswan 5.3.3-1 on OpenWRT 15.05 based router. Followed this tutorial The certificate for Server side authentication is issued by Let's Encrypt - I use it for my synology box and it ...
drew1kun's user avatar
  • 2,157
1 vote
0 answers
1k views

Can't SSH into machine with ipsec VPN

I have an ubuntu virtual machine with bridged adapter which I've configured to use an ipsec VPN. I can SSH into the machine just fine, but when I turn on the VPN, I can't. The VPN tunnel also makes ...
Walrus the Cat's user avatar
1 vote
1 answer
101 views

IPSec doesn't hide IAX2 informations

I am trying to setup a secure truncked IAX2 connexion with IPSec between routers: But when I make sniffing attack with wireshark, all call's informations are showen ! IPsec is well configured and ...
Y. Dabbous's user avatar
1 vote
0 answers
557 views

Racoon IPsec-SA expired: ESP/Tunnel

Hello my vpn link vpn does not connect anymore and gives me the following logs thank you to help me please: Jun 19 08:06:25 FwME racoon: INFO: IPsec-SA established: ESP/Tunnel 89.30.97.2[500]->57....
Assane Keita's user avatar
1 vote
2 answers
7k views

Have Site-To-Site (IPSEC) connected but cannot ping anything other than router

Just setup a new Azure subscription, and i'm stumped trying to troubleshoot why I can't ping any local VMWare machines from a Azure VM. After successfully setting up an IPSec Site-To-Site VPN. I am ...
The Unique Paul Smith's user avatar
1 vote
0 answers
4k views

Connect to L2TP/IPsec (username/password/PSK) on cmd.exe

How may I connect to VPN using the username, password and PSK combo in the command line? Google has been of no help; any guidance will be most welcome. I want a command to the effect of vpnclient /...
Oxwivi's user avatar
  • 316
1 vote
1 answer
63 views

Linux box as network gateway changes source address

I have a Ubuntu Server box(A) with an IPSec tunnel to another datacenter(AWS, through a VPC VPN). The tunnel is fine and I can ping the other side of the tunnel. The problem is when I try to ...
greenboxal's user avatar
1 vote
0 answers
337 views

Zywall IPSEC config for remote shares using ipsecuritas

I have a Zywall USG 20 using IPsec. It works and connects fine however I can only access the zywall its self. Traffic does not route to other computers on the subnet. In my case I need to access linux ...
Ryan Mills's user avatar
1 vote
0 answers
5k views

Route all traffic through IPSEC tunnel

I'm using Strongswan on CentOS as IPSEC VPN server. Is possible to tell client (win7) to route all traffic through tunnel interface after tunnel is up? Here is my ipsec.conf config setup conn %...
user1700494's user avatar
1 vote
0 answers
761 views

IPSec Policy Is Blocking 127.0.0.1

I created an IPSec policy on Windows 8.1, it's purpose was to allow only traffic that goes via the VPN, everything else should be blocked (except LAN and 127.0.0.1). LAN is working fine, but 127.0.0.1 ...
Drahcir's user avatar
  • 212
1 vote
1 answer
5k views

Strongswan IPSEC VPN for Windows 7 road warrior config

Following the Strongswan wiki link for configuring Strongswan for Windows 7 clients: http://wiki.strongswan.org/projects/strongswan/wiki/Win7EapMultipleConfig I used the sample files as-is with no ...
Lawrence Chiu's user avatar
1 vote
3 answers
8k views

IPsec VPN connection drops automatically every 47 mins

I'm using Cisco Systems VPN Client Version 5.0.07.0440 on Windows 7 Ultimate 64-bit to connect to a VPN server through IPSec/UDP. The problem is each time when it connects, I always get warnings in ...
Shane's user avatar
  • 83
1 vote
0 answers
199 views

Netgear NAT over LAN TO LAN

I have the following question: I need to connect through a vpn IPsec lan 2 lan tunnel with a partner but they want that I connect through a specific ip subnet which is not mine. Here's the situation: ...
0wn3r's user avatar
  • 107
1 vote
0 answers
283 views

M0n0wall IPsec tunnel fails after switch to PPPoE

I have had a M0n0wall site-to-site IPsec VPN working for several months on a static IP via an ADSL router. We've just switched to a fibre (FTTC) connection, and M0n0wall has now been configured to ...
David Carboni's user avatar
1 vote
1 answer
3k views

Cisco ASA5505 site-to-site VPN doesn't establish tunnel to remote peer

The remote peer can start the tunnel successfully when accessing my local network like pinging a local host, however, the tunnel cannot be automatically started from the local side. The log shows no ...
codable's user avatar
  • 151
1 vote
0 answers
74 views

IP header "Option field"

Is it true that the GRE (Cisco tunnel) header is placed in the IP header "option field" ? Are the IPSec headers (ESP or AH) installed in the "option field" too ?
Arnaud's user avatar
  • 11