Re: vpn difficulties

2006-12-06 Thread Joachim Schipper
On Tue, Dec 05, 2006 at 07:48:26AM -0600, Ryan Corder wrote:
> On Tue, 2006-12-05 at 12:06 +0900, Mathieu Sauve-Frankel wrote:
> > > now, I got the tunnel setup just fine using just ipsec.conf. I was just
> > > curious if there was a quick and simple way to test traffic through
> > > the tunnel

Re: vpn difficulties

2006-12-05 Thread Martin Gignac
On 12/5/06, Ryan Corder <[EMAIL PROTECTED]> wrote: I never said that ping wasn't a good test...if I could use ping I would. However, in the setup where I have two machines, A and B that have addresses 192.168.2.5 and 192.168.2.6 respectively and an IPSec tunnel setup as so: A - ike esp from

Re: vpn difficulties

2006-12-05 Thread Ryan Corder
On Tue, 2006-12-05 at 12:06 +0900, Mathieu Sauve-Frankel wrote:
> > now, I got the tunnel setup just fine using just ipsec.conf. I was just
> > curious if there was a quick and simple way to test traffic through
> > the tunnel since it is just a host to host configuration.
>
> I'm curious to kno

Re: vpn difficulties

2006-12-04 Thread Mathieu Sauve-Frankel
> now, I got the tunnel setup just fine using just ipsec.conf. I was just
> curious if there was a quick and simple way to test traffic through
> the tunnel since it is just a host to host configuration.
I'm curious to know why you don't think ping is a good tool to test this with? run ping a

Re: vpn difficulties

2006-12-04 Thread Ryan Corder
On Mon, 2006-12-04 at 14:26 -0600, Jacob Yocom-Piatt wrote:
> this is easy enough to setup using isakmpd.conf files, but i don't know how to
> do it with ipsec.conf yet. a "rosetta stone" for such translations would be nice.
>
> i recommend you google for an isakmpd.conf based setup that tunnels fr

Re: vpn difficulties

2006-12-04 Thread Mathieu Sauve-Frankel
> ike passive esp from any to any main auth hmac-sha1 enc 3des-cbc \
> quick auth hmac-sha1 enc 3des-cbc group modp1024 \
> psk "sharedsecret"
actually, this is more what you're looking for
ike passive esp from any to 0.0.0.0 main auth hmac-sha1 enc 3des-cbc \
quick auth hmac-

Re: vpn difficulties

2006-12-04 Thread Mathieu Sauve-Frankel
> openbsd ipsec, i was not able to figure out how to convert from the below
> isakmpd.conf (from
> http://72.14.203.104/search?q=cache:gspcrTnrOq8J:www.openbsd.cz/~pruzicka/vpn.html+ipsec+windows+xp+openbsd&hl=en&gl=us&ct=clnk&cd=4&client=firefox-a
> ):
>
try this. You probably want to try this o

Re: vpn difficulties

2006-12-04 Thread Mathieu Sauve-Frankel
On Mon, Dec 04, 2006 at 02:26:21PM -0600, Jacob Yocom-Piatt wrote:
> this is easy enough to setup using isakmpd.conf files, but i don't know how to
> do it with ipsec.conf yet. a "rosetta stone" for such translations would be
> nice.
ipsecctl -nvf /etc/ipsec.conf will show you all of the FIFO com

Re: vpn difficulties

2006-12-04 Thread Jacob Yocom-Piatt
Original message
>Date: Mon, 4 Dec 2006 17:16:51 -0500
>From: "Martin Gignac" <[EMAIL PROTECTED]>
>Subject: Re: vpn difficulties
>To: misc@openbsd.org
>
>On 12/4/06, Jacob Yocom-Piatt <[EMAIL PROTECTED]> wrote:
>
>> >if anyone

Re: vpn difficulties

2006-12-04 Thread Martin Gignac
On 12/4/06, Jacob Yocom-Piatt <[EMAIL PROTECTED]> wrote:
>if anyone knows, what is a good way to test a host 2 host VPN? Since
>I'm not routing two different networks across the VPN, there is nothing
>easy to test like pinging a host on the other end of the tunnel.
this is easy enough to setup

Re: vpn difficulties

2006-12-04 Thread Jacob Yocom-Piatt
Original message
>Date: Mon, 04 Dec 2006 10:38:07 -0600
>From: Ryan Corder <[EMAIL PROTECTED]>
>Subject: Re: vpn difficulties
>Cc: misc@openbsd.org
>
>On Sat, 2006-12-02 at 21:33 +0900, Mathieu Sauve-Frankel wrote:
>> > output of '/sbin/isakmp

Re: vpn difficulties

2006-12-04 Thread Ryan Corder
On Sat, 2006-12-02 at 21:33 +0900, Mathieu Sauve-Frankel wrote:
> > output of '/sbin/isakmpd -SKvd' gives no output on either host.
>
> Don't use -S. It should ONLY be used when running two ipsec gateways
> in failover mode with carp and sasyncd.
if anyone knows, what is a good way to test a host 2

Re: vpn difficulties

2006-12-02 Thread Mathieu Sauve-Frankel
> output of '/sbin/isakmpd -SKvd' gives no output on either host.
Don't use -S. It should ONLY be used when running two ipsec gateways in failover mode with carp and sasyncd.
--
Mathieu Sauve-Frankel

vpn difficulties

2006-11-30 Thread Ryan Corder
misc@, after working on this for a while, I've decided that I'm definitely doing something wrong. I'm trying to setup a very basic IPSec tunnel between two hosts, but am not getting anywhere. hostA is 192.168.1.5, hostB is 192.168.1.6 -- they are connected via a crossover cable. I can ping, use