Questions tagged [ipsec]

IPsec (Internet Protocol Security) is a protocol for securing IP communications by authenticating and encrypting each IP packet of a communication session.

1031 questions
4 votes, 4 answers

pfsense 2.0.2 racoon(ipsec vpn) unreliable

I'm having issues with racoon (ipsec VPN) on pfSense 2.0.2 (and 2.0.1). According to racoon all my tunnels are up (I have about 130 of them), but over time more and more of them won't pass traffic through. If I restart racoon the tunnels start…
cpuguy83
4 votes, 2 answers

How to delete IPSEC VPN tunnel from Fortigate 60

I have had an IPSEC connection setup between two firewalls. Now I want to remove the tunnel in my firewall, a "Fortigate 60". There are two phases, "Phase 1" and "Phase 2" for each IPSEC connection. I can delete the "Phase 2" entry by clicking the…
Björn
4 votes, 1 answer

Cisco ASA ipsec IKEv1 remote access for Avaya VPN phone - no client address assigned

I'm having a strange issue with remote access VPN connectivity on our ASA cluster. Normal site-to-site tunnels and AnyConnect connections work just fine. However, a special ipsec ikev1 tunnel does not. It establishes, and stays up, but the client…
pauska
4 votes, 1 answer

Windows Firewall IPSec configuration, how to protect the AD

Here's my infrastructure configuration: All servers have public IP. I've set up a GPO to enable IPSec on every one of them with a "require for inbound and request for outbound" rule, for all servers, with the default Authentication. Except for the…
Nock
4 votes, 1 answer

Fortigate Remote VPN : no matching gateway for new request

I am trying to configure a Fortigate 60C to act as an IPSec endpoint for remote VPN. I configured it like this : SCR-F0-FGT100C-1 # diagnose vpn ike config vd: root/0 name: SCR-REMOTEVPN serial: 7 version: 1 type: dynamic mode: aggressive dpd:…
Kedare
4 votes, 2 answers

Connecting to IPSec/L2tp with OpenSwan/xl2tpd from Windows7 to Amazon EC2

I am trying to connect from my Windows7 at home to my OpenSwan/xl2tpd setup on an Ubuntu EC2 instance at Amazon. It is a connection being NATed from both the client and server ends. I was following tips from several threads for how to accomplish…
Noam Singer
4 votes, 2 answers

Understanding ipsec with NAT and dynamic IP's

I'm using OpenSWAN to set up a net-to-net VPN tunnel. I have succeeded in configuring a test scenario as follows: About test and test2: they are Ubuntu 12.04 virtual machines created using ubuntu-vm-builder they use bridged networking to the…
Isaac Sutherland
4 votes, 3 answers

Suggestions for transitioning to new GW/private network

I am replacing a private T1 link with a new firewall device with an ipsec tunnel for a branch office. I am trying to figure out the right way to transition folks at the new site over to the new connection, so that they default to using the much…
Quinten
4 votes, 3 answers

How do I encrypt SQL Server traffic with IPSEC?

I've found all sorts of documentation on what IPSEC is and how to (in very non-specific ways) configure it, but I can't seem to configure a Windows Firewall With Advanced Security rule that both A) requires all SQL Server traffic to be encrypted,…
4 votes, 1 answer

Is it possible to connect two IPSec site-to-site VPNs to one Windows 2008 Server?

I need to connect to two IPSEC site to site vpns from a Windows 2008 Server at the same time. Is it possible? I tried to assign two IP Security Policies, but it seems I can only have one assigned at a time.
4 votes, 0 answers

configuring IPsec with IPV6

I am working with racoon tool and ipsec-tools and I have been able to connect two devices with IPSEC working in transport mode. However, I did it with IPv4 addresses and when I change them to IPV6 addresses, it doesn't work. Does anybody know if…
user1245091
4 votes, 0 answers

How do I configure OpenSwan to allow pure IPsec (not L2TP) connections from an iPhone?

Similar to this question, I want to configure an IPsec server on Linux which will accept connections from the iPhone. However, unlike the other question, I want to be able to test with pre-shared keys before making the jump to…
mpontillo
4 votes, 2 answers

TCP Reverse Proxy through VPN

I have a rather odd situation, but it's simple, I swear. I have a server (we'll call it host A) that's connected up to the internet and I use for some websites and other odds and ends. I have another server (we'll call it B) that's hosting files and…
jcrawfordor
4 votes, 2 answers

StrongSwan ipsec ubuntu "ignoring informational payload, type NO_PROPOSAL_CHOSEN"

I have StrongSwan running on an Ubuntu server and I'm trying to create an ipsec encrypted VPN tunnel with a Cisco 2821 router. The connection is not working and I cannot figure out why. It appears to complete phase 1, but fails at phase 2. Can…
Tucker
4 votes, 1 answer

Is there a way of setting an MTU lower for traffic destined to a specific IP address on Cisco ASA?

I have a number of VPN sites where the MTU is lower than standard (1500). I have had at least one site where fragmentation of packets has had an effect on the success of building an IPSEC tunnel. I am able to set the MTU on the equipment at the…
dunxd