Questions tagged [ipsec]
IPSec is a method to provide internet security over the layer 3 of the OSI model.
215
questions
1
vote
0
answers
5k
views
Route all traffic through IPSEC tunnel
I'm using Strongswan on CentOS as IPSEC VPN server. Is possible to tell client (win7) to route all traffic through tunnel interface after tunnel is up?
Here is my ipsec.conf
config setup
conn %...
- 191
4
votes
0
answers
29k
views
Can someone help me understand ALG and VPN settings on my router?
I'm looking at the settings in my TP-LINK WDR4300 router and noticed settings for VPN passthrough and ALG. Every single option is enabled but I am hoping someone can help me understand these settings ...
mocky90
3
votes
1
answer
7k
views
Remote Access VPN on Cisco IOS doesn't complete phase 1
I have successfully configured my Cisco router to create a VPN tunnel to Azure. This is working fine. Now I am trying to add a remote access VPN for clients. I want to use IPsec and not PPTP.
I'm not ...
- 41
3
votes
2
answers
17k
views
ipsec configuration problems on Ubuntu. Errors on IP forwarding" connection authorization from Android client
I'm trying to create a L2TP/IPSec PSK VPN from my Android phone to my Ubuntu server on my home network.
I am receiving two errors. the first one is a failure checking IP forwarding when I run ipsec ...
- 31
7
votes
1
answer
13k
views
IPsec in the Linux Kernel
I have some issues (questions) related tot the Linux Kernel implementation of IPsec and it's user-space interface.
The biggest question is which is the actual official project for the Linux Kernel ...
- 259
0
votes
0
answers
53
views
2 simultaneous VPNs to 2 different nodes
I am planning to setup Ipsec tunnels between a single server (server1) and two security gateways (seg1 and seg2).The setup should be like this:
server1 -----ipsec tunnel1-------->seg1
server1 ----...
- 101
0
votes
0
answers
425
views
Windows 7 IPsec IKEv2 EAP-TLS error
I have set-up Strongswan on a Ubuntu 14.04 server from the official package repo with IKEv2 and rightauth=eap-tls using our PKI infrastructure. I can connect just fine from Android and Linux but not ...
- 16
0
votes
0
answers
1k
views
Is there any way of extracting a shared secret from a PBK file or a similar artefact from a Windows 7 installation?
My company's laptop comes with preconfigured VPN connections to access the company's network.
The default setup of the laptop is a bit outdated to say the least and I was wondering if in some cases I ...
- 96
5
votes
1
answer
7k
views
L2TP/IPSec stopped working after openssl upgrade
VPN connections from my MacBook / iOS devices to a Debian server having openswan / xl2tp were working just fine until I used apt-get to upgrade everything due to openssl heartbleed announcement.
Now ...
- 174
3
votes
2
answers
9k
views
IPSec with or without L2TP?
I'm referring to this question. And to be clear: This is really not about the old PPTP vs L2TP debate. ;-)
I successfully set up racoon as an IKE server without any L2TP implementation running and it ...
- 43
0
votes
1
answer
2k
views
Make ICMP exempt from IPSec protection
I'm reading a reference book on Microsoft DirectAccess. It contains the quote:
To use Ping as a troubleshooting tool, ensure that Internet Control
Message Protocol (ICMP) is exempt from IPSec ...
- 2,831
1
vote
0
answers
761
views
IPSec Policy Is Blocking 127.0.0.1
I created an IPSec policy on Windows 8.1, it's purpose was to allow only traffic that goes via the VPN, everything else should be blocked (except LAN and 127.0.0.1). LAN is working fine, but 127.0.0.1 ...
- 212
0
votes
1
answer
327
views
Can I run a VPN server with certificates only, and no password/pre-shared keys?
I've seen several writeups around discussing VPN server configuration. In all of them, there are 2 or 3 pre-shared keys / passwords used at various levels of the tunnel -- one for IPSec, one for L2TP,...
- 533
3
votes
0
answers
1k
views
How can I set an IPsec ID using the Windows 8 built-in VPN client?
I'm trying to connect to a VPN using the built in Windows 8 VPN client. The VPN uses L2TP/IPsec and a pre-shared key. I can see it's connecting to the VPN but not making it through authentication. I ...
- 12.8k
0
votes
1
answer
2k
views
Logging VPN Traffic (L2TP/IPSec on Ubuntu)
I'm running a small, private VPN server for me and 2-3 other people. For bandwidth monitoring, and to comply with any possible DMCA or other government (re: new Canadian law) requests, I want to have ...
- 101
0
votes
0
answers
2k
views
Automatically reconnect Openswan/IPSec VPN and disallow intermittent traffic?
I am trying to connect two Debian machines running an Openswan/IPSec tunnel. Also, I want to disallow any traffic when the tunnel goes down. For that purpose I wrote a script the fiddles with routes ...
- 233
0
votes
0
answers
343
views
Slow SCP tranfers over IPv6 VPN IPSec which has IPv4 private subnets
I have 2 hosts connected with IPv6 VPN. I am using IPv4 internal addresses for machines connected internally and use subnets addressed for these in ipv4. When a host wants to scp a 1 Gig file pull ...
- 1
0
votes
1
answer
3k
views
How is it possible that I can't login to various websites when using a VPN at a public Wi-Fi? That same VPN is just fine when connected from home
This is a full IPSec tunnel provided by my university. I use this VPN at home and at public Wi-Fi cafés.
For some reason, I am not able to login to most websites while using the VPN at this specific ...
- 319
0
votes
1
answer
859
views
VPN ipsec tunnel from router to single windows server computer (gateway-to-host)
Firstly, is this possible?
The situation: 2 different ISP's. One has several servers and a firewall running. The other is limited to only one virtual server with one network card running windows ...
Chris Miller
1
vote
1
answer
5k
views
Strongswan IPSEC VPN for Windows 7 road warrior config
Following the Strongswan wiki link for configuring Strongswan for Windows 7 clients:
http://wiki.strongswan.org/projects/strongswan/wiki/Win7EapMultipleConfig
I used the sample files as-is with no ...
0
votes
0
answers
4k
views
Openswan l2tp ipsec vpn on Ubuntu 13.04 for remote access (Android road warrior). Does not work
I followed the directions from here:
http://samsclass.info/ipv6/proj/proj-L5-VPN-Server.html
I used the same exact files as posted at that site. On my router, I have port-forwarded 500 UDP and 4500 ...
0
votes
1
answer
4k
views
Mikrotik IPSec VPN routing
I seem to be clueless at the routing with VPN. I am trying to setup an IPSec VPN tunnel so as to secure communication between my private LAN and a destination host. Any device within my private LAN ...
- 1
-1
votes
1
answer
1k
views
Is my VPN tunnel connected? Is my traffic going via the VPN tunnel? How do i verify this?
From RHEL i have to connect VPN server and reach that target PC1. Till now it was possible to make the VPN interconnect but 10.0.0.108 cant ping 10.109.0.200.
Variables:
ME WAN IP: 8.8.8.8 (Amazon ...
- 1,685
3
votes
1
answer
17k
views
Find the IPsec ID and Secret id for my vpn connection [closed]
Hi i'm using ubuntu and new to cisco vpn anyconnect client. I have installed it successfully and establish the connection by giving the user name and password. But it is showing the timeout error. So ...
- 89
6
votes
0
answers
882
views
Forward IPsec tunnel from IPv4 endpoint to IPv6 endpoint
I have a new ISP and only have a Dual Stack - lite connection now. That means I can't access my router via IPv4 anymore, since the external IPv4 address is private. I have native IPv6 connectivity.
...
- 161
3
votes
2
answers
392
views
VPN for Home to watch TV on the go
My ISP offers TV on tablets, phones, etc. where I have to use an app, but I still have to have that traffic flow through my modem. What would be the best solution to setting up a VPN for probably just ...
- 31
3
votes
1
answer
8k
views
Finally get my win 7 connected to strongSwan VPN, but there's no Internet
I believe I've followed all the instructions, and my win 7 did get connected, but there's no Internet.
Background:
Server OS: ubuntu 12.04 on linode xen VPS
strongSwan Version: 4.6.4
...
- 83
0
votes
1
answer
2k
views
How to set up NAT in windows server 2008 r2 for IPSec tunnel use
I am having troubles setting up the whole IPSec tunnel thing.
What i have:
1. Router that only has a VPN/IPsec passthrough functionality (IP 192.168.0.1)
2. Windows Server 2008 R2 which has group ...
- 158
1
vote
3
answers
8k
views
IPsec VPN connection drops automatically every 47 mins
I'm using Cisco Systems VPN Client Version 5.0.07.0440 on Windows 7 Ultimate 64-bit to connect to a VPN server through IPSec/UDP.
The problem is each time when it connects, I always get warnings in ...
- 83
2
votes
0
answers
966
views
Cisco RV180 ipsec vpn to mac os x 10.8.2 default client Configuration
I would like to configure an IPSec VPN tunnel between my RV180 (server, last firmware) and my Mac OSX 10.8.2 laptop.
I have little knowledge about VPN, and a bit more about network in general. I have ...
- 121
0
votes
2
answers
5k
views
Can't connect to pc using Remote Desktop over VPN with Domain user account only
Craziest thing. I can't seem to login to my pc at work using my domain credentials. I am using Remote Desktop with a Cisco VPN and have tried both Mac and Win 7 remote machines. It appears that I can ...
5
votes
0
answers
6k
views
How do I configure DD-WRT to forward IPSec traffic to an internal server to support a road warrior configuration?
I use dd-wrt as my home router setup and that's been working fine. Now I wanted to figure out a way to be able to use my iPad to set up a IPSec tunnel to my home network while I'm on the road.
PPTP ...
- 193
2
votes
1
answer
2k
views
Is it possible to set up IPSec on a linux virtual machine host to connect to an Azure virtual network
We run some virtual machines in an onsite Ubuntu based server with guests being a mixture of Windows Server and Ubuntu. We're also setting up some Windows Azure virtual machines and ideally would like ...
- 53
1
vote
0
answers
199
views
Netgear NAT over LAN TO LAN
I have the following question:
I need to connect through a vpn IPsec lan 2 lan tunnel with a partner but they want that I connect through a specific ip subnet which is not mine. Here's the situation:
...
- 107
0
votes
2
answers
82
views
Find out what routers are crossed when accessing a server!
I am new to this forum and not really sure if I this belongs here, but I give it a shot anyway.
What routers/switches/networks does a packet from my computer need to cross in order to access a lets ...
- 125
1
vote
0
answers
283
views
M0n0wall IPsec tunnel fails after switch to PPPoE
I have had a M0n0wall site-to-site IPsec VPN working for several months on a static IP via an ADSL router.
We've just switched to a fibre (FTTC) connection, and M0n0wall has now been configured to ...
- 111
0
votes
1
answer
3k
views
Allow all websites for administrator account and block all websites (but a few) for limited accounts
At my work we have a PC which runs Windows XP and is used by all employees. This PC is mainly used for our company website: a trailer booking website. At the moment there is one account: an ...
- 221
1
vote
1
answer
3k
views
How to stop split tunnelling over cisco VPN (OS X)?
I'm using OS X (Snow Leopard) and the built in Cisco IP Sec client to connect to my corporate VPN. Currently, everything works as designed, and desired for most people. However, I would like to be ...
- 11
3
votes
0
answers
2k
views
Shrew Soft VPN Client - Negotiation timout
I am having an issue running Shrew Soft VPN Client on Windows 7 Pro x64.
While trying to resolve this issue I have disabled miniport adapters like a lot of websites say to do however this hasn't ...
- 193
1
vote
1
answer
3k
views
Cisco ASA5505 site-to-site VPN doesn't establish tunnel to remote peer
The remote peer can start the tunnel successfully when accessing my local network like pinging a local host, however, the tunnel cannot be automatically started from the local side.
The log shows no ...
- 151
3
votes
1
answer
2k
views
Relation of IPSec and IPv6 to SSL/TLS
My understanding is that IPSec is a security layer added inside the IP protocol to make IP itself a secure transport.
My understanding of IPv6 is that it is the newest version of IP that will (for ...
- 2,852
1
vote
0
answers
74
views
IP header "Option field"
Is it true that the GRE (Cisco tunnel) header is placed in the IP header "option field" ?
Are the IPSec headers (ESP or AH) installed in the "option field" too ?
- 11
4
votes
1
answer
8k
views
How to use IPsec?
IPsec is a protocol suite built on top of IP. Originally designed with IPv6, it also exists in IPv4.
IPsec enables encrypted communications between hosts at the IP level (that is, upper layers ...
- 22.4k
0
votes
2
answers
3k
views
Openswan L2TP/IPsec VPN for iPhone fails during connection
I spent the morning trying to configure an L2TP/IPsec VPN using Openswan and xl2tpd on a Debian Squeeze server for use by a mix of iOS and Mac clients. I am trying to set it up using pre-shared keys ...
- 121
1
vote
1
answer
2k
views
How do I configure a Netgear FVS336g for use with Amazon VPC?
I think it should be possible to create an IPSec tunnel between a Netgear FVS336Gv2 firewall/router and AWS VPC however, I've been unable after several tries. How do I setup a connection for a Amazon ...
- 353
2
votes
3
answers
1k
views
IPv6 and IPSec - why do I need an external daemon?
I read that IPSec is mandatory for IPv6 implementations. Does this mean that it should be handled by the OS and that IPSec configuration should be mandatory for IPv6 to work? If so, why is this not ...
- 414
0
votes
2
answers
152
views
IPsec counter mode - are there implementations?
Counter mode encryption is potentially more robust against lost packets. It is used in SRTP.
I assume that if I use counter mode, a lost packet causes a lost UDP packet or TCP retransmission instead ...
- 1
1
vote
1
answer
432
views
OS X: how to figure out what prevents L2TP/IPSec from running correctly
It seems that an old installation of Cisco Anyconnect prevents the OS X built-in L2TP/IPSec client from running (I posted a question here: OS X 10.7, can't log into any L2TP VPN server, but didn't ...
- 1,758
48
votes
2
answers
116k
views
IPsec versus L2TP/IPsec
I have a VPN service which gives me the option of connecting via PPTP, IPsec, or L2TP over IPsec. PPTP i know is inferior in terms of security and encryption, but I'm not really sure what the ...
- 666
1
vote
1
answer
2k
views
Can IPSec (or any other VPN tunnel) hide your IP address while browsing?
Is there a VPN/tunnelling method which you can use to browse the web, but will also prevent somebody from seeing your IP address if they were sniffing the network?
I wasn't sure if the IP address ...
- 11