Questions tagged [openswan]

129 questions
26
votes
1 answer

IPsec for Linux - strongSwan vs Openswan vs Libreswan vs other(?)

Searching for IPSec and Linux one inevitably will be confronted with different solutions (see below) which all seem quite similar. The question is: where is the difference? I found these projects. All of them are open source, all are active (have a…
masgo
8
votes
1 answer

Can OpenSWAN replace OpenVPN?

Background I have a working OpenVPN setup right now, where users can connect to the private network at home with their computers. However most phones only support IPSec, so I would like to offer the same service for phones with IPSec as I do for…
Sandra
7
votes
1 answer

Can't get past "pending Phase 2" on OpenSWAN <-> ISA Server IPSec VPN

The issue I'm having quite a hard time configuring OpenSWAN on my Linux server (Ubuntu 12.04) to connect to an ISA Server 2004 IPSec VPN. There is apparently something wrong in the configuration that impedes the tunnel from working. It looks like…
GomoX
7
votes
1 answer

L2TP over IPSec VPN with OpenSwan and XL2TPD can't connect, timeout on Centos 6

I'm setting up L2TP over IPSec on my Centos 6.3 fresh install. I have iptables flushed, permit all. Whenever I try to connect, I get a 'no reply from vpn' and nothi Here's my ipsec.conf file (Server is 1.2.3.4) : config setup nat_traversal=yes …
Disco
6
votes
1 answer

IPSec + L2TP + NAT-Traversal does not work for multiple clients behind same nat

I have recently configured a VPN server hosted in AWS EC2. Details: Centos 6.4, openswan, xl2tpd, NAT-traversal. The configuration works great for a scenario when only one user connects from a given public IP address behind NAT. But when there are…
Fentik
6
votes
3 answers

Simple L2TP/IPsec server not working (openswan, xl2tpd, Ubuntu, Windows)

I configured openswan and xl2tpd on an Ubuntu 12.04 server (on EC2) by following various tutorials/documentation which seem to largely say the same things, but most recently this one. However, my attempts to connect from Windows (which I configured…
Yang
6
votes
1 answer

IPsec VPN site-to-site: How should I configure the ipsec.conf files on both sites to get the tunnel up?

What I am trying to do is to create a site-to-site IPsec VPN between my network and my friend's network. We both have a router and two computers on each router, with all computers running Linux. So I guess the topology looks like this [myPC1 +…
Deneb
6
votes
2 answers

Issue routing openswan vpn traffic beyond the server

Trying to set up an openswan based server sitting in an Amazon VPC cluster. The goal is to make it so we can VPN into VPC and have our workstations be as if they were on the network, more of a roadwarrior configuration. Our VPN client of choice is…
Ken Robertson
5
votes
1 answer

Connecting to Meraki Client VPN from Ubuntu w strongswan and xl2tpd

I have a virtual appliance running Ubuntu 14 that I would like to connect to a remote network via Meraki Client VPN. I have found instructions for installing and configuring strongswan and xl2tpd on Ubuntu 16 which get me most of the way there, but…
user3794652
5
votes
1 answer

How to enable debug logs in OpenSwan?

I use OpenSwan IPSec tunnel on CentOS 6.7. I have added the following configuration in /etc/ipsec.secrets according to this link: http://linux.die.net/man/5/ipsec.conf config setup plutodebug=all plutostderrlog=/var/log/openswan.log Unfortunately…
Michael
5
votes
1 answer

Site-to-Site IPsec vpn not sending ping across a tunnel

This is my first attempt at a site-to-site VPN. I chose to use IPsec because it appeared to be the best solution for what I needed to accomplish. I've followed several different tutorials over the last week with little success. Right now I can not…
autisticgeek
4
votes
2 answers

Site to Site VPN error 'received hash payload does not match computed value'

We need to access a couple of Linux machines located at our client's end. Our Linux machine, from which we need to access client's machine is located on cloud. The connection to be established is site-to-site VPN. On restarting the ipsec service…
Tapo
4
votes
3 answers

Connecting to a FortiGate VPN from a remote Linux machine via OpenSwan

Here's the setup: I have a FortiGate unit on a business network, which has a FortiGate VPN set up. Machines on a remote network that can run FortiClient (Windows and Mac machines) have no problem connecting to this VPN. I have been tasked with…
user2892724
4
votes
1 answer

VPN ERROR 500 STATE_MAIN_I1, unable to start phase2

I'm trying to set up a site to site vpn to a fortigate 60c from a CentOS 7 with openswan, the error I get every time is the following 000 #1: "office":500 STATE_MAIN_I1 (sent MI1, expecting MR1); EVENT_v1_RETRANSMIT in 8s; nodpd; idle; import:admin…
4
votes
2 answers

Openswan tunnel up, but works only in one direction

I've successfully established an IPsec connection, but it works only partially. One side does not send out packets through the tunnel. It seems as if the network topology is unclear to this side. Any help is highly appreciated! Thanks!! This is the…
grasbueschel