Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ipsec]

IPsec (Internet Protocol Security) is a protocol for securing IP communications by authenticating and encrypting each IP packet of a communication session.

IPsec (Internet Protocol Security) is a protocol for securing IP communications by authenticating and encrypting each IP packet of a communication session.

1031 questions
4
votes
2 answers

Site to Site VPN error 'received hash payload does not match computed value'

We need to access a couple of Linux machines located at our client's end. Our Linux machine, from which we need to access client's machine is located on cloud. The connection to be established is site-to-site VPN. On restarting the ipsec service…
Tapo
  • 53
  • 1
  • 5
4
votes
3 answers

Connecting to a FortiGate VPN from a remote Linux machine via OpenSwan

Here's the setup: I have a FortiGate unit on a business network, which has a FortiGate VPN set up. Machines on a remote network that can run FortiClient (Windows and Mac machines) have no problem connecting to this VPN. I have been tasked with…
user2892724
  • 41
  • 1
  • 1
  • 3
4
votes
1 answer

Strongswan VPN: no matching peer config found

I'm trying to setup a Strongswan VPN but can't get it to work. It does not find a matching peer config and I don't know why: LOG: [ENC] <1> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ] [NET] <1> sending…
cgross
  • 176
  • 1
  • 1
  • 4
4
votes
1 answer

How to setup L2TP IPsec VPN server on Windows Server 2008 R2?

The Windows 2008 R2 (SBS) machine was earlier setup to run a PPTP VPN server. Due to security concerns I do want to replace the PPTP by L2TP/IPsec VPN server. The server is behind a NAT router where 3 forward rules to the Windows Server are…
Pro Backup
  • 984
  • 4
  • 15
  • 35
4
votes
1 answer

VPN ERROR 500 STATE_MAIN_I1, unable to start phase2

i'm trying to set up a site to site vpn to a fortigate 60c from a CentOS 7 with openswan, the error i get everytime is the following 000 #1: "office":500 STATE_MAIN_I1 (sent MI1, expecting MR1); EVENT_v1_RETRANSMIT in 8s; nodpd; idle; import:admin…
Julio Villalba
  • 41
  • 1
  • 5
4
votes
4 answers

How can I speed up file transfers over VPN?

Our VPN users experience very slow file transfers (50MB can take 20 minutes with a 20Mbps FiOS connection on each side). If the file is transferred over HTTP or FTP, it's just as fast as you expect. I suspect this has something to do with how…
user640
4
votes
2 answers

subnet-to-subnet libreswan ipsec vpn

I'm configuring a "subnet to subnet VPN" between two Centos 7 server using libreswan. Each server has two nic as showed in the following image. I would allow secure communication between the subnets 172.18.0.0/16 and 172.19.0.0/16 establishing a vpn…
NoNoNo
  • 1,963
  • 14
  • 20
4
votes
1 answer

Windows 7/8 Strongswan IKEv2 Wrong Gateway

I have setup Strongswan on Ubuntu 14.04 from the official package. I use IKEv2 with PKI authentication and a custom authorization plugin. This works great for Android and Ubuntu clients using strongswan but not when using the Native Windows 7/8…
MemCtrl
  • 118
  • 2
  • 10
4
votes
1 answer

Windows 2008 R2 IPsec encryption in tunnel mode, hosts in same subnet

In Windows there appear to be two ways to set up IPsec: The IP Security Policy Management MMC snap-in (part of secpol.msc, introduced in Windows 2000). The Windows Firewall with Advanced Security MMC snap-in (wf.msc, introduced in Windows…
fission
  • 3,601
  • 2
  • 21
  • 31
4
votes
2 answers

IPSec tunnel on ASA keeps disconnecting

I have an ASA IPSec tunnel configured between an ASA5505 and Microsoft TMG 2010 SP2. The tunnel sometimes works for a few hours, and then disconnects, and other times it works for 5 minutes and then disconnects. When it disconnects, it sometimes…
Mark Henderson
  • 68,823
  • 31
  • 180
  • 259
4
votes
1 answer

Fortigate VPN Routing issue

I have 200B Fortigate unit with 2 internet WAN connections. I also have a remote site which I'm connected to via IPSEC VPN through WAN1. This site has only one GW IP address. I'd also like to setup a VPN ontop of WAN2 with that specific site as it's…
JustAGuy
  • 639
  • 3
  • 23
  • 38
4
votes
0 answers

Cisco ASA ipsec vs Anyconnect client issue

So I have an iPad that has a IPSec VPN created. I am able to connect from the outside fine and I can access my local LAN files just fine. When I connect with the Cisco AnyConnect client from the same device, it allows me to login but I can't access…
Richard
  • 153
  • 2
  • 2
  • 10
4
votes
2 answers

Openswan tunnel up, but works only in one direction

I've successfully established an IPsec connection, but it works only partially. One side does not send out packets through the tunnel. It seems as if the network topology is unclear to this side. Any help is highly appreciated! Thanks!! This is the…
grasbueschel
  • 121
  • 1
  • 1
  • 5
4
votes
2 answers

SSH session through an IPSec VPN tunnel freezes when command outputs longer text

I connect to a QNap NAS (Ubuntu 4.1.2) in the office through an IPSec tunnel established between two pfSense firewalls. This has worked fine for months. I recently replaced the NAS with a newer model and upgraded the firmware to the latest version.…
cdonner
  • 381
  • 1
  • 5
  • 15
4
votes
3 answers

FortiGate IPsec VPN: Configuring Multiple Phase 2 Connections (Multiple Subnets)

I am trying to make an IPsec connection to a FortiGate router using OpenSwan. The FortiGate sits on two distinct subnets and I need to access both of them. In the FortiGate I have defined one Phase 1 connection and one Phase 2 connection. This…
FixMaker
  • 235
  • 1
  • 4
  • 9
1 2 3
68 69