Networking :: Debian Etch - OpensWan - Zyxel Prestige Ipsec Vpn?
Jan 19, 2010
i need to build an ipsec vpn between a linux debian server and a zyxel prestige, The debian server got 2 ethernets connection one for the internal network and the other one is public with a public ip adress.I need to know what i need for the build the tunnel, could you please let me know what i need? Let me explain i have only to configure openswan or i have to configure the iptables or somethings else too? I found this one do you think this would be work for me? [URL]..Is debian a right distro or should i try someone else?
View 2 Replies
ADVERTISEMENT
Feb 9, 2011
I'm having some trouble getting my Zyxel NWD271N usb wireless adapter to connect.I'm using Ubuntu Desktop 64bit 10.10 What happens is that i'm always asked to enter the wpa key, and i've double and tripple checked that it's entered correctly. The wierd thing is that it has connected once or twice, but lost connection quickly, but i saw that i got an ip. I'm not sure about the maximum range on the adapter but i would estimate the distance to be no more than 4-5 meters from the wireless point. Also the signal indicator on the list of wireless networks shows strong, if not full. when i run lsusb i get:
Code:
Bus 001 Device 007: ID 0586:3417 ZyXEL Communications Corp. NWD271N 802.11n Wireless Adapter [Atheros AR9001U-(2)NG] when i run lsmod |grep ar9170 (saw the command on a german forum so i didn't understand what was talked about, but i got that it was about the same adapter) i get:
Code:
ar9170usb 54294 0
mac80211 267163 1 ar9170usb
ath 10413 1 ar9170usb
[code]....
View 5 Replies
View Related
Jul 2, 2010
i know whether openswan-2.4.8 can install on centos 5.3.becoz i download openswan-2.4.8.tar.gz and after some changes in the configuration file, i verify ipsec..it runs all ok..then i do service ipsec start.then lot of errors happen.. is it possible to clear the errors..is any body succeeded in it.my distro version 2.6.18-128.el5.i am plan to setup an openswan vpn with certificate to tunnel a windows XP client.
View 1 Replies
View Related
Jun 1, 2010
I picked up the computer for free (Dell P4 with no HD), stuck in a hard drive I had laying around and installed Ubuntu Studio 10.04 yesterday. I am completely clueless about how to do anything with Linux. I put in a Zyxel g-360 wireless pci card, and found the ACX111 driver online. I found the wiki here: [URL] Are those installation instructions? I can't understand what it says. I have the Zyxel installation disk for Windows XP if that helps.
View 9 Replies
View Related
Jun 16, 2010
i want to setup a vpn for that i install openswan and l2ptd. both are installed from tar balls. after that i configure /etc/l2tp/l2tp.conf and /etc/ppp/options.l2tpd and /etc/ppp/chap-secrets files.what can i do to start l2tpd service
View 1 Replies
View Related
Feb 27, 2011
I would like to access my NSA-220 Plus through the Internet without having computer turned on. I tried to set it up as a FTP server but I was not successful. I tried few tutorials but all allow me to access NSA-220 Plus only within my home network which is not what I want. Also I tried user manual which does not really tell you how to do this.
View 2 Replies
View Related
Feb 18, 2011
Hello, I've installed OpenSwan with xl2tpd on my server, and set it up for roadwarriors connecting using certificates.
My server is Debian 5.0.8, I am running xl2tpd 1.2.0, and Openswan IPsec 2.4.12, my clients are all Windows, and I am testing my setup on a Windows 7 client.
I have no problem connecting to the server, but after some time the connection drops. I removed the idle option from the ppp config but it does not make any difference.
Even when I create constant traffic with ping -t the connection drops also.
I have no problems reconnecting right away.
I have been hacking at this for a couple of days, reading every post I can find, but I have not found a solution to my problem.
Here are my configs and logs:
CONFIG FILES:
/etc/ppp/option.l2tpd
-----------------------------
ms-dns 10.248.75.4
ms-wins 10.248.75.4
asyncmap 0
auth
crtscts
[Code]....
View 5 Replies
View Related
Jan 21, 2009
When implement openswan in redhat5 and start ipsec appear this problem
whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
what this file contain
and when run this command
ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.4.10/K2.6.18-8.el5 (netkey)
Checking for IPsec support in kernel [OK]
Testing against enforced SElinux mode [FAILED]
SElinux is running in 'enforced' mode. Since no working SElinux
policies exist for Openswan, SElinux should be disabled.
echo "0" > /selinux/enforce (or edit /etc/sysconfig/selinux)
NETKEY detected, testing for disabled ICMP send_redirects [FAILED]
Please disable /proc/sys/net/ipv4/conf/*/send_redirects
or NETKEY will cause the sending of bogus ICMP redirects!
NETKEY detected, testing for disabled ICMP accept_redirects [FAILED]
Please disable /proc/sys/net/ipv4/conf/*/accept_redirects
or NETKEY will accept bogus ICMP redirects!
Checking for RSA private key (/etc/ipsec.secrets) [DISABLED]
ipsec showhostkey: file `/etc/ipsec.secrets' does not exist
Checking that pluto is running [FAILED]
whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
Two or more interfaces found, checking IP forwarding [FAILED]
whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
View 3 Replies
View Related
Apr 28, 2010
I want to connect OpenVPN to office network. I receive mail where is openswan configuration file, but I want to OpenVPN
conn CONNECTION-NAME
disablearrivalcheck=no
type=tunnel
left=IP MY SERVER
right=IP OFFICE SERVER
rightsubnet=LOCAL IP SERVER IN OFFICE/32
[Code]....
View 1 Replies
View Related
Jan 15, 2010
Does anybody know what to do? Internet works fine except for that problem.
I can attach files of 33kb in web-based email service (Gmail) but no big ones.
View 3 Replies
View Related
Feb 17, 2010
I am getting this error when I try to bring up IPSec Tunnel.Starting connection with command /usr/sbin/ipsec auto --up 'paycode-to-vivacom' ..
104 "paycode-to-vivacom" #7: STATE_MAIN_I1: initiate
003 "paycode-to-vivacom" #7: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
003 "paycode-to-vivacom" #7: ignoring Vendor ID payload [FRAGMENTATION c0000000]
[code]....
View 3 Replies
View Related
Aug 24, 2010
I have an IPsec VPN between 2 Ubuntu 10.04.1 Boxes which is working perfectly. However I cannot get any traffic to route down the VPN link.Interestingly, when checking the routing table, there isn't even a route list for the remote network. This is the same on both sides. Also there isn't an ipsec0 interface listed either.However, when a the command "sudo service ipsec status" is ran, it definately shows the tunnel is up and connected.
View 1 Replies
View Related
Sep 9, 2010
I install openswan on rhel6 and when i execute the command "service ipsec start "
it say:
/usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled
/usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled
ipsec_setup: Openswan IPsec apparently already active, start aborted
[Code].....
View 1 Replies
View Related
Feb 2, 2010
I have an old compaq pressario (with a compaq cd/dvd player + HP cd writer/Reader) with Debian Etch and a gnome desktop, and I would like to extract the mp3 dvd a friend gave me (He made it from bittorrent). On a XP box the cd is played without problem but I would like to extract and play each song on Etch. I have Sound juicer which works allright for usual audio cd but not with this mp3 thing. I have tried to define a new profile with params I have found on the net for mp3 but up to now without success. I even don't know if it's a problem of hardware being too old, or if I could solved this with the appropriate software
View 6 Replies
View Related
Apr 15, 2010
I was able to compile python 2.6.5 on debian 4 etch successfully. The contents of /usr/share/python/python_defaults are now like this:
Typing "python" on terminal now starts the correct version which is 2.6.5.
The next thing I installed wxPython from wxWidgets repository. I followed the instruction explained here:
[url]
When installation was about to finish, I got this error:
I am sure something I have missed something before installing wxPython. It seems it's related to "python_defaults", but I am not sure.
View 3 Replies
View Related
Sep 23, 2010
There is a "Debian" way to get clamav 0.96 in Debian Etch 4.0 ?
I put volatile repository in my sources.list, but after upgrade I've:
Quote:
View 1 Replies
View Related
Jul 21, 2009
I'm trying to perform a VPN lan to lan IPSEC connection. By my side, I have a server with 2 IP's, i.j.k.l (destined to act as a VPN gateway) and i.j.k.m (the server). I am a newbie. I don't know if this configuration is normal, but it's forced by our partner.
My configuration is:
OS: Fedora release 7 (Moonshine)
OpenSWAN version: Linux Openswan U2.4.7/K2.6.23.17-88.fc7 (netkey)
ipsec.conf
# /etc/ipsec.conf - Openswan IPsec configuration file
#
# Manual: ipsec.conf.5
[Code]...
View 3 Replies
View Related
Feb 12, 2011
I've been using IPv6 on my local network and through a Hurricane Electric IPv6 tunnel. I've heard that one of the built in features of IPv6 is encryption, both scrambling the data and authenticating where the traffic came from. I've done some searching and heard of SWAN and Racoon, but some of the stuff I found is old and I would like to know what the easiest/best way to set up IPSEC for IPv6 is.
View 3 Replies
View Related
Jun 4, 2010
I had configured IPSEC/L2Tp on my Centos 5.4 gateway machine .For testing i had disabled firewall and Ipsec is working fine.I am able to connect from client etc...Now i want to allow Ipsec and l2tp throught Firewall.here is my Current Working Firewall.Only Openvpn is allowed and is Redirected.
eth0=XXXSTATICIPXXX
eth1=192.168.1.81
OpenVpn IP Range = 172.24.0.16/4
Ipsec Ip Range = 192.168.1.0/24
[Code].....
View 2 Replies
View Related
Jun 4, 2009
i would like to establish a VPN connection which can hold either 'two' hosts..and secondly if that's done i would like to go for more number of users..Can i do it using IPSec services??if yes then how?
View 9 Replies
View Related
Jun 22, 2011
While I successfully configured an IPsec-VPN (I use a similar tho modified setup like this:[URL].. I am now stuck on the next steps. While I can connect to everything I want, I need to configure "access-groups" and/or "users".
The scenario is similar to this: Lets say Host A, B and C allow SSH-Connections and some weird non-standard UDP-Connection from Host-VPN, and are also accessible on other ports with public IP's (like http).
I now want to limit, that an admin-user has access to all of them, while trainee-admin only can access everything on Host B and C, and CEO only can connect via telnet to Host C - and all users can be roadwarriors
(I made this example up to give you an idea what i'm trying to do - hope it makes sense). Now my question is, if someone can point me towards a direction, as I'm quite clueless at the current moment as to what to try. I know that commercial IPsec-Implementations can do this, but can OpenSWAN/... give me something similar?
View 1 Replies
View Related
Feb 27, 2011
I have a Ubuntu 10.10 box which i've developed an IPTables Firewall script and is forwarding my ports correctly. This service also runs Openswan VPN Server with 2 VPN's, which is also working well.
I have come across a small snag with excluding the multiple VPN subnets I have from the NAT on this box.
I have the line in my configuration file:
-A POSTROUTING -o eth1 -s 10.172.1.0/24 -d ! 192.168.5.0/24 -j MASQUERADE
Which when added to IPTables does make the VPN come to life. But I can't seem to get it to add the second subnet. Unfortunately, I can't do a blanket exclusion such as 192.168.0.0/16 because the second VPN is on a Class B subnet address which I cannot change.
View 1 Replies
View Related
Aug 18, 2011
Connecting two networks with ipsec on this manual [URL] The two networks are connected, everything works, the question is as follows: For a gateway to multiple subnets, I have access to only one subnet is listed in / etc/sysconfig/network-scripts/ifcfg-ipsec0 DSTNET = 192.168.2.0/24. How do I get access to all the subnets?
View 2 Replies
View Related
Feb 25, 2011
For archiving purposes, I am looking for the different (Gnome, KDE, Xfce) live CD images of the last revision (9) of Etch. I want a copy of them to compare how the system and the desktop environment have evolved in the last couple of years. Actually, I would also like to have live CD images of older releases, but I don't know if they exist.
View 5 Replies
View Related
Mar 16, 2010
actually my Debian is still in Etch stable version. What is the best way to migrate to stable lenny version
My understanding was :
replacing Etch links in sources.list with Lenny links perform aptitude update & aptitude safe ugrape.
View 1 Replies
View Related
Jun 21, 2010
tried to to run apt-get update (under Debian Etch)but it does not workI get the output (see apt_get_output.txt)I also tried running apt-get upgrade first, but that did not change anything.My sources list looks like (see sources.txt)
View 8 Replies
View Related
May 18, 2011
I try to upgrade Etch to Lenny and get the following problem:
Code:
# apt-get update
# apt-get dist-upgrade
Reading package lists... Done
Building dependency tree... Done
[code]....
View 7 Replies
View Related
Jan 28, 2009
I have two ext3 drives recovered from a failed NSLU2 network file server. I need to recover some of the files stored on them, so...I attempted to mount them on my debian ETCH (LV file system), thus:
# mkdir /mnt/usbdrive
# mount -t ext3 /dev/sda1 /mnt/usbdrive
Instead of seeing the drive content I see my harddrive's GRUB & Kernel partition. What am I doing wrong? What do I need to do to see the drive's content?
View 1 Replies
View Related
Feb 17, 2010
I need to install Etch (not Lenny ) over the internet - but all my mirrors won't even entertain me. Is there a way to still install Etch over the 'net - as opposed to Lenny? I need Etch because of some specific software I am running - and I have to PXE boot (I've used the Etch netboot.tar.gz files).
View 6 Replies
View Related
Apr 21, 2011
I've a very old server with Debian Etch, and now I need to upgrade to Squeeze. I think it's correct to upgrade first to Lenny, so I followed this link:
[URL]
[code]....
Score is -2280
Accept this solution? [Y/n/q/?]
View 2 Replies
View Related
