Questions tagged [ipsec]

IPsec (Internet Protocol Security) is a protocol for securing IP communications by authenticating and encrypting each IP packet of a communication session.

1031 questions
0
votes
0 answers

CentOS IPSec IKEv2 Client without forward internet

I have a CentOS 7 Server with WHM/cPanel installed on it. I want to connect on IPSec IKEv2 Tunnel with a preshared key but without forwarding the internet through the VPN Connection. The Tunnel is important to connect a website to an LDAP Server. How…
0
votes
0 answers

Error in IKE phase 1 when trying to create IPsec tunnel with Juniper SRX 300

Less than a month ago we had to replace our old SRX 210 HE device with a new SRX 300 because the old device started to become unreliable. We had two IPsec tunnels to two different places both working without a hitch. However, after we rebuilt the…
nyoatype
0
votes
0 answers

Best approach for deploying code to servers behind a gateway

I am attempting to adjust my deployment scripts to access a server behind a newly established gateway that I've configured. The gateway currently is accepting traffic from the internet correctly and the server behind the gateway currently is only…
0
votes
0 answers

Why does this traffic selector not match?

(Note: I'm really using pfSense, but I'm just going to focus on the ipsec.conf files, since pfSense doesn't seem particularly relevant to the issue.) We're getting the following error from charon: Aug 2 21:10:10 vpn-left charon: 13[CFG]…
Thanatos
0
votes
0 answers

Wireguard aside IPSec site to site

I have the following scenario: Connecting to a server (A) through another server (B). My connection to B is via ssh normally. The connection between B and A is through ssh, but via VPN with Wireguard. My problem is that now, the location where…
Joey Fran
0
votes
1 answer

Strongswan ike phase 1 failed: "IKE_SA being deleted"

I'm trying to build an IPsec tunnel between my Strongswan cloud instance and the Cisco CSR 1000V which is from the ISP. According to the form given to me, I have to configure with the following factors in mind: Phase 1 Authentication Method: PSK Encryption…
9ieR
0
votes
1 answer

ipsec/strongswan - tunnel is up, traffic is sent and received but replies are ignored

I need some help, I set up a strongswan IPsec tunnel with ESP and IKEv2, the tunnel is UP and remote sees packets coming and answers them, but my server is ignoring? answers. The tunnel is between my Debian 11 server holding both the IP 10.0.1.1 and…
Tazq
0
votes
1 answer

Site-to-site (IPsec) between AWS and Cisco is not working

I am trying to set up a site-to-site VPN connection between AWS and Cisco ASA, but the tunnel status is shown as "Down," and under the details section, the message is "IPSEC IS DOWN." Please find below the tunnel logs: AWS tunnel is the IKE_SA…
0
votes
1 answer

How to investigate not received TCP packets sent from VPN on the same LAN?

I'm setting up a VLAN on the cloud where many servers will connect to a remote host via VPN. The setup is as follows: Their Host d.d.d.72 | | | Their VPN Public IP…
Younes
0
votes
0 answers

Strongswan IPSEC specific rightsubnet

I have strongswan ipsec setup installed in ubuntu OS. I have static public ip 103.x.x.x and vpn clients subnet 10.100.100.2/24. I have 2 clients with ubuntu OS. I was able to ping client 1 to client 2 and vice versa and they have 103.x.x.x public…
0
votes
0 answers

Ubuntu - IPSec VPN with Dual Stack / Strongswan

I'm trying to set up an IPSec VPN (ike1) for our Linux clients. But we need dual stack with IPv4 and IPv6. The endpoint is a Fortigate firewall, with two phase2, one for IPv4 and one for IPv6. The setup is as follows: config vpn ipsec…
premar
0
votes
1 answer

Incoming IPSec traffic on Linux host is not processed via the VTI tunnel using XFRM rules

I have the following setup: Remote IPSec VPN gateway: 81.x.x.x Local machine address: 172.22.1.156 VPN-assigned IP: 10.0.30.97 VTI tunnel interface: vti0: ip/ip remote 81.x.x.x local 172.22.1.156 ttl inherit nopmtudisc key 1000 inet 10.0.30.97/22…
dimitri
0
votes
0 answers

Windows 11 IKEv2 fails to connect, error code 1931 eventID 20227

I have Mikrotik configured for accepting IPSec connections with server certificate and RADIUS auth, SHA1 and so on enabled on Mikrotik side for Windows compatibility. It also configured for L2TP/IPSec, which I used previously for remote work and…
SelfishCrawler
0
votes
1 answer

How to get server host into strongswan's virtual IP address subnet

I have configured a VPN server and VPN client with strongswan with the following ipsec.conf configuration settings Server ipsec.conf conn ikev2-vpn also=rw-base auto=add compress=no keyexchange=ikev2 forceencaps=yes rekey=no …
Ole K
0
votes
1 answer

strongswan disable user access

How can I disable access for a particular user with strongswan public key authentication? So I have pub key authentication working. The SAN is the email and is the id. Is there a way to reject authentication for a particular userid (rightid)? I…
noone392