Questions tagged [ipsec]

IPsec (Internet Protocol Security) is a protocol for securing IP communications by authenticating and encrypting each IP packet of a communication session.

1031 questions
5 votes, 2 answers

SSH not working over IPSec tunnel (Strongswan)

I configured a small network on a cloud virtual machine. This virtual machine has a static IP address assigned to eth0 interface that I'll call $EXTIP. mydomain.com points to $EXTIP. Inside, I have some Linux containers, that get their IP through…
PattPatel
5 votes, 2 answers

Elastic IP address on EC2 instance interface without 1:1 NAT

I have a basic Amazon VPC set up with a public and private subnet. I have deployed a Vyatta router in the public subnet that does NAT for the private subnet. I have an elastic IP address assigned to the Vyatta instance which does a 1:1 NAT to the…
5 votes, 2 answers

Best security practice for small networks - wifi, lan,

We regularly set up small networks for clients in different locations to allow them to work on different products. Now the question: what should be the best security practice? Currently we have a wifi enabled with WPA2 and most laptops connect to this…
Grimlockz
5 votes, 1 answer

selective routing through a VPN tunnel

The problem: after establishing an IPsec VPN tunnel all traffic is routed to the remote endpoint, while I only need to route the packets destined to that internal network and still be able to access the internet on my local machine. Currently, when…
BBK
5 votes, 0 answers

Firewall "Connection Security" when there is no trust and NATing between the two computers

First a little explanation of my network topology. I have an internal domain, and an edge network domain. There is no trust between the two domains (and IT will not allow a one way trust to be set up between the internal and the edge network…
5 votes, 3 answers

How to advertise routes to IPSec tunnels in OSPF using Cisco IOS

I have a Cisco 1800 series router (running C181X-ADVIPSERVICESK9-M) with lots of IPSec tunnels. I want to add this router to OSPF and configure it to advertise routes to remote subnets accessible via IPSec tunnels (e.g. if I have tunnel VPN1 with…
DavisNT
5 votes, 2 answers

ScreenOS ip6in4 tunnel over transport mode ipsec?

I have set up a point to point transport ipsec session between a ScreenOS router (SSG-5) and a Cisco 3925. The ipsec transport itself works great, but as soon as I try to direct the protocol 41 traffic over the transport, the packets don't transit…
Peter Grace
5 votes, 1 answer

Windows Server 2003 IPSec Tunnel Connected, But Not Working (Possibly NAT/RRAS Related)

Configuration: I have set up a "raw" IPSec tunnel between a Windows Server 2003 (SBS) machine and a Netgear FVG318 according to the instructions in Microsoft KB816514. The configuration is as follows (using the same conventions as the article): NetA …
Kevinoid
5 votes, 2 answers

How can I capture IPSEC packets on my VPN server?

I am running a strongSwan (U5.3.5/K4.4.0-62-generic) VPN server on Ubuntu 16.04. Usually, when I want to examine traffic on a server, I simply run something like the following: tcpdump -ni eth0 "tcp port 80" -w log.pcap On the VPN server it…
Oleg
4 votes, 3 answers

How can I route traffic over IPSec tunnel?

I have two sites: MAIN (local subnet 192.168.0.0/24, external IP: M.M.M.M) and CLIENT (10.0.0.0/24, external IP: C.C.C.C). I created an IPSec tunnel between the sites and both sites can ping computers in both subnets. So far so good. # ipsec…
Michal B.
4 votes, 4 answers

Cisco PIX 515e dropping IPSEC tunnels to ASA 5505 over time

We have a Head-Office/Branch-Office WAN like this, Server LAN <-> Cisco PIX 515e <-VPN tunnel-> Cisco ASA 5505 <-> Client LAN 1 <-VPN tunnel-> Cisco ASA 5505 <-> Client LAN 2 <-VPN…
nray
4 votes, 1 answer

OpenSSL equivalent of libreswan IPSEC

I have the following ipsec commands that generate certificates, but I don't have ipsec installed so looking for the openssl equivalent. Can anyone please help? Create certificate authority cert: ipsec pki --gen --type rsa --size 4096 --outform pem >…
Christian
4 votes, 2 answers

Use Azure Public IP With On Prem VM

We have an on prem RRAS server that connects to an Azure Virtual Network that allows us to have an On Prem/Azure hybrid. My query is, if I was to provision a public IP address in Azure, what would be the best way to route it to one of our on prem…
MrBeanzy
4 votes, 2 answers

Can't ping or traceroute through AWS IPSec VPN

My VPC is connected to my premises via IPSec VPN, tunnel is shown to be UP on AWS console. Things that work: I can see the traffic from my premises (subnet 192.168.0.0/16) to AWS VPC (10.0.0.0/16) on VPC flowlogs, marked as accepted. When I do a…
Yoga
4 votes, 1 answer

Strongswan IKEv2 VPN on OS X 10.11 and iOS 10 Clients

After many days of searching on Google, through Serverfault, and even on the StrongSwan website, I have been unsuccessful in attempting to get StrongSwan IPSec/IKEv2 VPN working on OS X 10.11.5 and iOS 10. I have been very successful in getting it…
Olivia