Re: [strongSwan] Help setting up VPNs

2020-09-07 Thread Brian Topping 
I have engaged Mr Kuntze in the past and found his services to be exceptionally 
good. He was prompt with solutions and took care with details. His pricing is a 
good value and I would not hesitate to recommend him based on positive past 
experiences. 

Sent from my iPhone

> On Sep 7, 2020, at 03:05, Kim Mølgaard  wrote:
> 
> 
> Hi!
> I have been tasked to migrate a Cisco ASA VPN setup to Strongswan.
> This involves 3 ipsec site-to-site VPNs
> I have access to the ASA appliance, so i can get all the info from that, but 
> i need someone to help setting these up in strongswan.
> 
> I will pay for an consultant to do this, so please respond with a quote for 
> this job.
> Companies located in the EU is preferred
> 
> Mvh.
> Kim Mølgaard
> ITandMore
> Tlf.: +45 93 89 83 79
> https://itandmore.dk
> CVR nr. 38147110

Re: [strongSwan] IKE Phase 1 and Phase 2 parameters

2020-09-07 Thread Noel Kuntze 
For completeness, if you were to configure an AH CHILD_SA, you'd use the "ah=" 
parameter instead of the "esp=" parameter.

Kind regards

Noel

Am 06.09.20 um 00:16 schrieb Leroy Tennison:
> Thank you, I appreciate the reply.
> 
> Harriscomputer
> 
> *Leroy Tennison
> *Network Information/Cyber Security Specialist
> E: le...@datavoiceint.com
> P:
> 
>   
> 
> 
>   
> 
> 2220 Bush Dr
> McKinney, Texas
> 75070
> www.datavoiceint.com  
> 
> This message has been sent on behalf of a company that is part of the Harris 
> Operating Group of Constellation Software Inc.
> 
> If you prefer not to be contacted by Harris Operating Group please notify us 
> .
> 
>  
> 
> This message is intended exclusively for the individual or entity to which it 
> is addressed. This communication may contain information that is proprietary, 
> privileged or confidential or otherwise legally exempt from disclosure. If 
> you are not the named addressee, you are not authorized to read, print, 
> retain, copy or disseminate this message or any part of it. If you have 
> received this message in error, please notify the sender immediately by 
> e-mail and delete all copies of the message.
> 
>  
> 
> --
> *From:* Andreas Steffen 
> *Sent:* Saturday, September 5, 2020 12:30 AM
> *To:* Leroy Tennison ; users@lists.strongswan.org 
> 
> *Subject:* [EXTERNAL] Re: [strongSwan] IKE Phase 1 and Phase 2 parameters
>  
> CAUTION: This email originated from outside of the organization. Do not click 
> links or open attachments unless you recognize the sender and know the 
> content is safe.
> 
> 
> Hi Leroy,
> 
> the Phase 2 crypto proposals can be set with the "esp=" parameter in
> ipsec.conf.
> 
> Best regards
> 
> Andreas
> 
> On 05.09.20 00:31, Leroy Tennison wrote:
>> I either don't know what to look for on the web or am having trouble
>> finding settings for IKE phase 1 and phase 2 negotiation.  It seems that
>> the '"ike=" ipsec.conf parameter specifies settings for Phase 1 but I'm
>> not finding anything for Phase 2 for Strongswan.  Other IPSec
>> implementations seem to use phase2alg for this but Strongswan either
>> doesn't have this setting or it has another name for it.
>>
>> Can someone explain (or send me a link to an explanation) of how these
>> are decided in Strongswan?  Thanks for your help.
>>
>> Harriscomputer
>>
>> *Leroy Tennison
>> *Network Information/Cyber Security Specialist
>> E: le...@datavoiceint.com
>> P:
>>
>> 2220 Bush Dr
>> McKinney, Texas
>> 75070
>> https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.datavoiceint.com&c=E,1,4UegVHmZyooZscjXFpQOeRrNuVWVHl9MV7N5mK2EefQfyvSV6JrqnT_DqdvqHsq2iqVi4U1AB4Yc-bMVDKQCrmpLzAXFqpP43vPM4-vzJA,,&typo=1
>>   
>>
>> This message has been sent on behalf of a company that is part of the
>> Harris Operating Group of Constellation Software Inc.
>>
>> If you prefer not to be contacted by Harris Operating Group please
>> notify us 
>> .
>>
>>
>>
>> This message is intended exclusively for the individual or entity to
>> which it is addressed. This communication may contain information that
>> is proprietary, privileged or confidential or otherwise legally exempt
>> from disclosure. If you are not the named addressee, you are not
>> authorized to read, print, retain, copy or disseminate this message or
>> any part of it. If you have received this message in error, please
>> notify the sender immediately by e-mail and delete all copies of the
>> message.
>>
> ==
> Andreas Steffen andreas.stef...@strongswan.org
> strongSwan - the Open Source VPN Solution!  
> https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.strongswan.org&c=E,1

Re: [strongSwan] Help setting up VPNs

2020-09-07 Thread Noel Kuntze 
Hello Mr/Mrs. Mølgaard,

I am employed by a swiss company offerings such consulting services. I am also 
self employed in Germany.
Translating the configs from ASA to strongSwan and setting it all up with 
iptables integration and other things probably takes 3 to 4 hours in total.
That'd probably be about 540 to 720 swiss franks (CHF) for my employer or 600 
to 800 € if you engage me directly. I can send you a quote this evening.
For my employer, the official quote would probably be created by a colleauge of 
mine and it'd take some time to get (the quote) to you.

Please let me know if you'd be interested in one of those consulting offerings.
If you'd be interested in engaging my employer, please send me an email at 
noel.kun...@contauro.com and CC my colleague Vincenzo Picone at 
vincenzo.pic...@contauro.com.

Kind regards

Noel Kuntze

Am 07.09.20 um 11:04 schrieb Kim Mølgaard:
> Hi!
> I have been tasked to migrate a Cisco ASA VPN setup to Strongswan.
> This involves 3 ipsec site-to-site VPNs
> I have access to the ASA appliance, so i can get all the info from that, but 
> i need someone to help setting these up in strongswan.
> 
> I will pay for an consultant to do this, so please respond with a quote for 
> this job.
> Companies located in the EU is preferred
> 
> Mvh.
> Kim Mølgaard
> *IT*and*More*
> Tlf.: +45 93 89 83 79
> https://itandmore.dk
> CVR nr. 38147110



signature.asc
Description: OpenPGP digital signature

[strongSwan] Help setting up VPNs

2020-09-07 Thread Kim Mølgaard 
Hi!
I have been tasked to migrate a Cisco ASA VPN setup to Strongswan.
This involves 3 ipsec site-to-site VPNs
I have access to the ASA appliance, so i can get all the info from that, but i 
need someone to help setting these up in strongswan.

I will pay for an consultant to do this, so please respond with a quote for 
this job.
Companies located in the EU is preferred

Mvh.
Kim Mølgaard
ITandMore
Tlf.: +45 93 89 83 79

CVR nr. 38147110