Questions tagged [ipsec]
IPSec is a method to provide internet security over the layer 3 of the OSI model.
215
questions
48
votes
2
answers
116k
views
IPsec versus L2TP/IPsec
I have a VPN service which gives me the option of connecting via PPTP, IPsec, or L2TP over IPsec. PPTP i know is inferior in terms of security and encryption, but I'm not really sure what the ...
- 666
24
votes
1
answer
35k
views
Does the traffic go through my company network when I browse when connected through SSL-VPN
I work for a company which is not in my country. The enterprise intranet is in a different country. We do not have many employees in my country - so everyone works from home. When we need intranet ...
- 583
18
votes
6
answers
29k
views
How to auto save a Cisco VPN connection password on Mac OS X?
I have set up a Cisco IPSec VPN connection instead of using the Cisco client on Mac OS X. I like it fairly well, it just sits in the tray next to the clock and allows me to easily connect and ...
- 18.2k
17
votes
3
answers
103k
views
L2TP/IPsec VPN fails to connect on Windows 10 - Works fine on iOS
I’ve configured an L2TP/ipsec server with a pre-shared key that works like a charm on my phone. I’ve tried several ways including disabling of firewall to connect on Windows 10 but it always fails. ...
- 677
7
votes
1
answer
13k
views
IPsec in the Linux Kernel
I have some issues (questions) related tot the Linux Kernel implementation of IPsec and it's user-space interface.
The biggest question is which is the actual official project for the Linux Kernel ...
- 259
6
votes
0
answers
882
views
Forward IPsec tunnel from IPv4 endpoint to IPv6 endpoint
I have a new ISP and only have a Dual Stack - lite connection now. That means I can't access my router via IPv4 anymore, since the external IPv4 address is private. I have native IPv6 connectivity.
...
- 161
5
votes
1
answer
7k
views
L2TP/IPSec stopped working after openssl upgrade
VPN connections from my MacBook / iOS devices to a Debian server having openswan / xl2tp were working just fine until I used apt-get to upgrade everything due to openssl heartbleed announcement.
Now ...
- 174
5
votes
2
answers
27k
views
Connect FortiClient IPsec VPN via Ubuntu 18.04 KDE
I have just installed FortiClient 6.0.0.0029 in Ubuntu 18.04 - KDE.
I'm not shure, but looks like Linux's FortiClient has only SSL connection but not IPsec (which I need)...
Works ok in Windows 10, ...
- 153
5
votes
0
answers
6k
views
How do I configure DD-WRT to forward IPSec traffic to an internal server to support a road warrior configuration?
I use dd-wrt as my home router setup and that's been working fine. Now I wanted to figure out a way to be able to use my iPad to set up a IPSec tunnel to my home network while I'm on the road.
PPTP ...
- 193
4
votes
2
answers
12k
views
How can I route only a particular subnet to the StrongSwan VPN but not my whole traffic on linux?
I have no particular competences on networking, so I'll do my best to explain my needs.
On my Linux laptop I'm running StrongSwan (with NetworkManager) to connect to a particular VPN with IPsec. This ...
- 53
4
votes
1
answer
8k
views
How to use IPsec?
IPsec is a protocol suite built on top of IP. Originally designed with IPv6, it also exists in IPv4.
IPsec enables encrypted communications between hosts at the IP level (that is, upper layers ...
- 22.4k
4
votes
3
answers
17k
views
Can't connect to L2TP IPsec VPN from Windows 10 but it works with macOS High Sierra
I am trying to connect from a Windows 10 client to an Ubiquiti EdgeRouter VPN, I went through the instructions on https://help.ubnt.com/hc/en-us/articles/204950294-EdgeRouter-L2TP-IPsec-VPN-Server but ...
- 41
4
votes
1
answer
3k
views
L2TP/IPSec On Mac Failed to connect
I am connecting to a VPN Server set up following instructions in https://github.com/hwdsl2/setup-ipsec-vpn
And I setup the clients following https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/...
- 141
4
votes
0
answers
29k
views
Can someone help me understand ALG and VPN settings on my router?
I'm looking at the settings in my TP-LINK WDR4300 router and noticed settings for VPN passthrough and ALG. Every single option is enabled but I am hoping someone can help me understand these settings ...
mocky90
3
votes
2
answers
9k
views
IPSec with or without L2TP?
I'm referring to this question. And to be clear: This is really not about the old PPTP vs L2TP debate. ;-)
I successfully set up racoon as an IKE server without any L2TP implementation running and it ...
- 43
3
votes
1
answer
1k
views
P12 Certificate Authentication - what is the correct method
I've been able to successfully set up an IKEv2/IPSec VPN Server using certificate authentication. However, I have a general issue regarding the correct method of creating P12 user certificates.
I've ...
- 61
3
votes
2
answers
17k
views
ipsec configuration problems on Ubuntu. Errors on IP forwarding" connection authorization from Android client
I'm trying to create a L2TP/IPSec PSK VPN from my Android phone to my Ubuntu server on my home network.
I am receiving two errors. the first one is a failure checking IP forwarding when I run ipsec ...
- 31
3
votes
1
answer
8k
views
Finally get my win 7 connected to strongSwan VPN, but there's no Internet
I believe I've followed all the instructions, and my win 7 did get connected, but there's no Internet.
Background:
Server OS: ubuntu 12.04 on linode xen VPS
strongSwan Version: 4.6.4
...
- 83
3
votes
1
answer
2k
views
Relation of IPSec and IPv6 to SSL/TLS
My understanding is that IPSec is a security layer added inside the IP protocol to make IP itself a secure transport.
My understanding of IPv6 is that it is the newest version of IP that will (for ...
- 2,852
3
votes
1
answer
8k
views
strongSwan - no matching peer config found
I am trying to setup strongSwan to configure an iPhone to it but I am getting an error that I have trouble overcoming.
no matching peer config found
The complete debug log is as follows:
root@vpn-...
- 275
3
votes
1
answer
2k
views
L2TP/IPSec using srongswan in ubuntu
I'm using strongswan on ubuntu 16.04 to connect to a thirdparty L2TP/IPSec VPN.
They provided me a profile file like this:
VPN connection IP : X.X.X.X
IPSEC Authentication : ---------------------
...
- 141
3
votes
1
answer
4k
views
Error 800 connecting to VPN on certain networks on Windows 10
I have an interesting issue trying to connect to a client's VPN on Windows 10 Pro.
I can connect to the client's VPN while connecting through my phone (4G) but not the office network however other ...
- 49
3
votes
1
answer
2k
views
MAC OS El Capitan - VPN Cisco IPSec shared secret not being saved
Summary:
I can't connect to a VPN with Cisco IPSec apparently because the Shared Secret is not being saved after entering it (it always remains blank).
Detailed explanation:
I created a VPN ...
- 141
3
votes
1
answer
7k
views
Remote Access VPN on Cisco IOS doesn't complete phase 1
I have successfully configured my Cisco router to create a VPN tunnel to Azure. This is working fine. Now I am trying to add a remote access VPN for clients. I want to use IPsec and not PPTP.
I'm not ...
- 41
3
votes
0
answers
769
views
How to selectively route traffic for Cisco IPSec on macOS Mojave?
I am working from home and have to be connected to our Cisco VPN to access certain websites, such as self-hosted GitHub.
Is there away to configure the VPN to only be used for self-hosted GitHub and ...
- 131
3
votes
0
answers
1k
views
How can I set an IPsec ID using the Windows 8 built-in VPN client?
I'm trying to connect to a VPN using the built in Windows 8 VPN client. The VPN uses L2TP/IPsec and a pre-shared key. I can see it's connecting to the VPN but not making it through authentication. I ...
- 12.8k
3
votes
2
answers
392
views
VPN for Home to watch TV on the go
My ISP offers TV on tablets, phones, etc. where I have to use an app, but I still have to have that traffic flow through my modem. What would be the best solution to setting up a VPN for probably just ...
- 31
3
votes
0
answers
2k
views
Shrew Soft VPN Client - Negotiation timout
I am having an issue running Shrew Soft VPN Client on Windows 7 Pro x64.
While trying to resolve this issue I have disabled miniport adapters like a lot of websites say to do however this hasn't ...
- 193
3
votes
1
answer
17k
views
Find the IPsec ID and Secret id for my vpn connection [closed]
Hi i'm using ubuntu and new to cisco vpn anyconnect client. I have installed it successfully and establish the connection by giving the user name and password. But it is showing the timeout error. So ...
- 89
2
votes
3
answers
1k
views
IPv6 and IPSec - why do I need an external daemon?
I read that IPSec is mandatory for IPv6 implementations. Does this mean that it should be handled by the OS and that IPSec configuration should be mandatory for IPv6 to work? If so, why is this not ...
- 414
2
votes
1
answer
202
views
How are `vti` and `xfrm` iproute2 interfaces supposed to be configured and used with xfrm states and policies?
XFRM states and policies enable configuring IPsec encryption without a virtual interface. The vti and xfrm interface types, however, I think make it possible to route traffic through a virtual ...
- 49
2
votes
4
answers
14k
views
Connecting to a Checkpoint VPN-1 from Snow Leopard?
Checkpoint SecureClient doesn't work with Snow Leopard, so I've been looking for some other options. VPN Tracker appears to work, but lacks username/password (XAUTH RSA) authentication support (PSK ...
- 367
2
votes
1
answer
2k
views
IPSec-Tools build on Ubuntu
I am trying to build ipsec-tools package from http://ipsec-tools.sourceforge.net/ on Ubuntu PC.
I build the package with:
$ ./autoreconf --force --install
$ ./bootstrap
$ ./configure --enable-...
- 21
2
votes
3
answers
2k
views
Windows 7 RTM IPSec VPN
I'm running Windows 7 Ultimate RTM 64Bit and need an IPSec VPN client, I've tried Shrew VPN but that caused a BSOD.
I've noticed there is a VPN option in the start menu but I'm not sure if it is ...
- 376
2
votes
2
answers
2k
views
IPSec tunneling mode vs transport mode vs transport+L2TP
According to many docs, transport mode should be used in host-to-host IPSec, while tunneling is used to connect gateways and L2TP is used for remote access.
But nothing prevents me from using ...
- 1,533
2
votes
1
answer
1k
views
How to enable Perfect forward secrecy in WIndows IPsec client?
Windows IPsec has options to configure several parameters i.e. authentication , encryption algorithm etc. but there doesn't seem to be any option to configure PFS(Perfect forward secrecy).
- 23
2
votes
2
answers
4k
views
How to connect to an IPSec VPN through a LinkSys WRT54GL?
I am having trouble connecting to a L2TP IPSec VPN when I use my wireless router. I have a LinkSys WRT54GL v1.1 wireless router with the most current version of tomato (1.28).
I have no issues ...
- 21
2
votes
0
answers
2k
views
Troubleshooting VPN connection with Wireshark by decrypting IPSec packets
I'm having troubling establishing a VPN connection to a specific network and I'm not the only one having issues. As per their instructions, I'm using the standard VPN client built in windows with pre-...
2
votes
0
answers
891
views
xl2tpd-control command not working
I have an cisco vpn server which which i am trying to connect an endpoint through VPN(IPsec/L2TP). I have strongswan, xl2tpd and pppd running on my machine. IPsec conection is established successfully ...
2
votes
1
answer
436
views
How can I automatically connect to a VPN if I connect to a specific Wi-Fi network on Windows 10?
I have set up an IKEv2 VPN connection with Windows 10. How can I automatically connect to this VPN if my laptop connects to a specific Wi-Fi network?
- 21
2
votes
1
answer
424
views
Strongswan 5.5.0 RSA sigkeys
I'm setting up an IPSec connection between two Strongswan clients using RSA "sigkeys." The documentation says that leftsigkey and rightsigkey are used to provide the public RSA keys for the two ...
- 23
2
votes
0
answers
2k
views
Issue with setting up IPSec VPN in host-to-network mode
I have set up IPSec VPN using OpenSwan on CentOS 6.5. But not able to get the tunnel up and running. When site B tries to ping my VPS (site A), they get following error:
Feb 26 11:33:59 [IKEv1 DEBUG]...
- 21
2
votes
0
answers
966
views
Cisco RV180 ipsec vpn to mac os x 10.8.2 default client Configuration
I would like to configure an IPSec VPN tunnel between my RV180 (server, last firmware) and my Mac OSX 10.8.2 laptop.
I have little knowledge about VPN, and a bit more about network in general. I have ...
- 121
2
votes
1
answer
2k
views
Is it possible to set up IPSec on a linux virtual machine host to connect to an Azure virtual network
We run some virtual machines in an onsite Ubuntu based server with guests being a mixture of Windows Server and Ubuntu. We're also setting up some Windows Azure virtual machines and ideally would like ...
- 53
1
vote
1
answer
5k
views
Define PFS Group in Strongswan IKEv2/IPsec Phase 2 Settings
I am trying to setup a VPN connection on Ubuntu 20.04 using Strongswan. One of the requirements for the tunnel is to use PFS group 20.
Is the PFS group 20 being set when we have the following line in ...
- 153
1
vote
1
answer
2k
views
Why is xl2tpd / pppd adding a route for 192.0.0.0/8 after bringing up the link?
I am establishing an l2tp connection with IPSEC between two hosts and when the link comes up a route is added on the client side for 192/8 pointing out the newly established ppp interface. I can find ...
- 515
1
vote
3
answers
15k
views
How to setup VPN connection from android 13/14 native VPN client to mikrotik routerOS for testing mobile app with backend behind a private network?
I want to test my mobile app on Android 13 with test backend located in private network. Therefore I need to access this network via VPN tunnel.
Since L2TP/PPTP VPN connections are not supported on ...
- 317
1
vote
3
answers
2k
views
VPN Connection (Fritzbox) works for Android Client but not for Windows and Ubuntu
I use a Fritzbox 7530 Router in my home network as a VPN server. The VPN is configured as "IPSec Xauth PSK" with following settings: server name, IPSecID, IPSec shared key, user name and ...
- 111
1
vote
1
answer
2k
views
How to configure strongSwan eap-radius with FreeRadius for EAP-MSCHAPv2 authentication?
I am trying to configure a strongSwan IPsec VPN with RADIUS authentication. The actual EAP-MSCHAPv2 authentication to FreeRadius with OpenLDAP for username/passwords is successful, but then I am stuck ...
- 13
1
vote
1
answer
428
views
Is there any way in which i can configure Windows IPSEC policy to use just AH mode and not ESP
I have done windows machine authentication with Linux running free swan server. With default configuration i could see ping encrypted with ESP. But i want to test it with AH also. Is there any way in ...
