Questions tagged [ipsec]

IPsec (Internet Protocol Security) is a protocol for securing IP communications by authenticating and encrypting each IP packet of a communication session.

1031 questions
0
votes
0 answers

ipsec package after decrypted can not be received by tproxy

My centos6 machine ipaddress is 192.168.56.10 (eth0). I have installed strongswan and a tproxy like v2ray with iptables: iptables: *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT…
0
votes
0 answers

Libreswan to Juniper. The tunnel is not going up

authentication-method pre-shared-keys dh-group group14 authentication-algorithm sha1 encryption-algorithm aes-256-cbc lifetime-seconds 28800 protocol esp authentication-algorithm hmac-sha1-96 encryption-algorithm aes-256-cbc lifetime-seconds…
0
votes
0 answers

Routing decision after IPSec processing

I have a Linux box running in AWS EC2 with just one interface - eth0. This interface is connected to private subnet 172.16.0.0 and has an IP 10.95.114.69 on it. All hosts from subnet are reachable from this Linux box. This box terminates IPSec tunnel…
0
votes
0 answers

IPsec access from multiple local Networks over a single IP Address

I have to connect our company network with the network of a customer to access some of their resources. The IT department of the customer defined an IPsec VPN in tunnel mode with two phase 2 configurations for two different subnets on their side. For…
Andreas
0
votes
0 answers

Is it possible to get a cloud server connected via IPsec tunnel to one gateway, that then passes it to another via LAN?

Odd situation but I'm trying to get something that works with certain products. Here are the components in this scenario: Virtual Machine in cloud, connected to a SonicWall gateway ("Cloud Gateway") Local gateway at customer office with full…
addMitt
0
votes
1 answer

Windows 11 L2TP and IPSEC: Where to set the IpSec group

First of all: I know : L2TP and IPSEC from Windows XP: Where do I put the IPSEC group name? exists, but the answer is incorrect and is not working on Windows 11 (please do not duplicate this topic by linking that one, it's 13 years old). And: L2TP…
0
votes
0 answers

Open VSwitch - Connect two virtual networks through two physical networks

I managed to set up the following network configuration: HOST1 and HOST2 are two physical machines running Debian OS. They both have two network cards (eth0 and eth1), each of them connected to two physically separated networks and with different…
Fab
0
votes
1 answer

Cannot establish connection on two-way comms like SSH on Phase 2 VIP attached to LAN IP using NAT 1:1

As the title says, I cannot establish connection on two-way comms like SSH on Phase 2 VIP attached to LAN IP using NAT 1:1. Phase 1 and Phase 2 are UP. Phase 2 Remote IP is 192.168.1.248 and Local IP is 172.16.250.10 (VIP). I created a NAT 1:1 both on…
Raul Chiarella
0
votes
0 answers

Cannot establish an IPsec site-to-site VPN between an EC2 instance and a SonicWALL firewall

I'm trying to establish a site-to-site IPsec VPN between an EC2 instance running StrongSwan and a SonicWALL firewall. I've tried a lot of different configurations, but currently I have this at the EC2 side: conn A-B authby=secret …
0
votes
0 answers

IPsec Tunnel to Vendor with Azure AD

On Prem AD connected to Azure AD connect. A vendor we are using requires an IPsec tunnel to a DC on their side to then create a trust to our on Prem AD. Problem is, their router is not compatible with ours due to them being behind a NAT and refusing…
0
votes
1 answer

strongSwan VPN tunnel (IKEv2) established but traffic times out

I have a VPN server that tunnels traffic to a PostgreSQL database server which is otherwise unreachable from the internet. The VPN is only reachable by IPv4. Problem All clients can establish a VPN connection. Some clients can't connect to the…
ffrosch
0
votes
0 answers

LibreSwan IKEv2 multiple left subnet for vpn splitting

I have built an IKEv2 VPN server. The current config in /etc/ipsec.d/ikev2.conf is like this: conn ikev2-cp left=%defaultroute leftcert=58.xx.xx.xxx leftsendcert=always leftsubnet=192.168.1.0/18 leftrsasigkey=%cert right=%any …
0
votes
0 answers

Static Route on IPSEC tunnel

I have an IPSEC tunnel configured as follows. Site A (Sophos XG) 192.168.40.0/22 to Site B (pfsense) 10.1.1.0/22. At site B I have a Zabbix instance installed at 10.3.1.2 on a separate VLAN. I want this Zabbix instance to access the XG (over the…
Nathan
0
votes
0 answers

How can I connect an Openshift cluster, via IPsec VPN, to an on premise network?

Good morning everyone, the goal I'm trying to achieve is to connect an Openshift cluster, via IPsec VPN with preshared key, to an on premise network (the img attached is a simplification of the infrastructure to be achieved). I tried following this…
EBru
0
votes
0 answers

IPSec VPN between StrongSwan and DrayTek Router fails on second rekeying

I want to establish an always-on IPSec VPN between a DrayTek Vigor2860 and an EdgeRouter X (which uses StrongSwan). The Draytek is behind a NAT and dials into the ER-X. The VPN connects and works, but disconnects at the second rekeying. It then…
masgo