Questions tagged [ipsec]

IPsec (Internet Protocol Security) is a protocol for securing IP communications by authenticating and encrypting each IP packet of a communication session.

IPsec (Internet Protocol Security) is a protocol for securing IP communications by authenticating and encrypting each IP packet of a communication session.

1031 questions
3
votes
2 answers

How to encrypt connections to SQL Server with IPSec?

The SQL Server OLEDB provider can use SSL encrypted connections to SQL Server with an option in the connection string: Use Encryption for Data Specifies whether data should be encrypted before sending it over the network. The valid values are…
Ian Boyd
  • 5,293
  • 14
  • 60
  • 82
3
votes
1 answer

Why does 'ipsec statusall' not show any connections?

I've finally been able to get a tunnel between my computer (strongswan) and a Zyxel Zywall 110 up and running. I'm connecting using certificates, and judging from the logs the actual VPN connection seems to get established. May 4 14:14:49 user…
sbrattla
  • 1,578
  • 4
  • 28
  • 52
3
votes
3 answers

VPN Tunnel, subnets conflict

I'm trying to create IPsec VPN Tunnel between two sites. Site 1 Fortigate 140D Local subnet : 192.168.1.0/24 Site 2 Fortigate 100D Local Subnet : 192.168.2.0/24 But when I try to create it, it gives me the error: Conflicts with existing local…
Adeel ASIF
  • 495
  • 2
  • 6
  • 23
3
votes
0 answers

Strongswan to Cisco ASA

I have a problem with connection two nets with IPsec. On the one side is Cisco ASA 55xx on the other TP-Link router with Debian 8.3 with StrongSwan behind the NAT. The problem also that I have somehow to NETMAP/SNAT network on the TP-Link side. But…
F M
  • 31
  • 1
  • 4
3
votes
0 answers

What is the ip xfrm tmpl and how is it different than an SA?

The Linux ip xfrm policy command creates an IPsec policy, associating particular traffic with an SA. It uses something called a "template" (tmpl), which, as far as I can tell, is just a means of identifying the SA. Why does it call it a template?…
SRobertJames
  • 221
  • 4
  • 8
3
votes
2 answers

Cannot ssh to remote system after enabling IPSec

I have created two VMs on top of base OS and have enabled IPSec between the two VMs. Now the problem is as soon as IPsec starts and SA is established between the two VMs, I am not able to ping or ssh to the VM thorugh the base OS but the VMs can…
lokesharo
  • 131
  • 4
3
votes
0 answers

Windows Firewall Connection Security, require encryption with IPv6?

I've set up Windows Firewall on a Server 2012 R2 to always require IPSec Encryption for all Connection Security Rules. I've then specified Inbound Rules for specific ports and services, and configured them with the action "Require the connections to…
3
votes
2 answers

IPv6 IPsec between two native IPv6 networks

Assume I have two networks, A and B, on sites either side of the globe. Both have native IPv6 and are using (hypothetically) just IPv6. IPv4 no longer exists. They can both access the internet natively as IPv6 and use IPv6 hosts. Their IPv6…
3
votes
2 answers

Strongswan: clients can connect to server but no internet access

I've set up an ipsec server and after a while I could connect to it from my android device. but there is no internet connection in client side. I have also added NAT rules to forward traffics from virtual IPs but still problem exists. how can I find…
Ghasem Pahlavan
  • 196
  • 2
  • 12
3
votes
0 answers

Is there an extension of host to host ipsec to a many-many configuration?

Having a typical host to host transport mode ipsec configuration, conn appserver01-to-swift01 leftid=@appserver01.server.com left=10.133.176.246 leftrsasigkey=xxxxxxxxxxxxxxxxxxxxxxxx rightid=@swift01.server.com …
user22866
  • 151
  • 6
3
votes
2 answers

Windows Server FIrewall (2012) Ipsec tunnel problems

I am new to Ipsec tunnels. I have successfully created a tunnel to a Cisco offsite router using a preshare key at a supplier. In Endpoints 1 : I have the servers ip address and the remote servers ip address that I intend connecting to. In Endpoint 2…
Wize
  • 91
  • 6
3
votes
1 answer

Poor IPsec over GRE performances

I have set up an IPsec over GRE connection with a remote host, both are NetBSD 6.1 based. The "client" is connected to the Internet through a 400Mbps fiber connection. The "server" is located on a 10Gbps network. Both machines have 1Gbps NICs which…
iMil
  • 251
  • 1
  • 9
3
votes
3 answers

Routing between pfSense Subnets and IPSec VPN

I have a pfSense Router, which is the endpoint of a site-to-site IPSec VPN. In the pfSense the main LAN Interface is 10.0.2.1/24 and it has a virtual IP 10.0.125.1/24 The IPSec Phase 2 connects the 10.172.0.0/16 (from the other side) to the…
W4rlock
  • 968
  • 1
  • 7
  • 10
3
votes
1 answer

Cisco ASA 5505 - L2TP over IPsec

I have followed this document on cisco site to set up the L2TP over IPsec connection. When I try to establish a VPN to ASA 5505 from my Windows XP, after I click on "connect" button, the "Connecting ...." dialog box appears and after a while I get…
xraminx
  • 223
  • 3
  • 7
3
votes
1 answer

Can I have an alert when a IPSEC is down in Fortigate 80C?

We have a fortigate 80c and 60D with an IPSEC VPN . Is there a way to use the log (or other tool) to send an email alert when the tunnel is down? I couldn't see anything on the Log & Report tab
Saariko
  • 1,791
  • 14
  • 45
  • 75