-1s(seq in:0 out:0); idle; import:not set
000 #1: "lmu"[1] 198.228.211.206:51400 STATE_MAIN_R3 (sent MR3, ISAKMP SA
established); EVENT_SA_REPLACE in 3285s; newest ISAKMP; lastdpd=-1s(seq in:0
out:0); idle; import:not set
000
On Thursday, October 24, 2013 7:57 AM, Pruss Brian-ABP035
wr
n:0 out:0); idle; import:not set
000 #1: "lmu"[1] 198.228.211.206:51400 STATE_MAIN_R3 (sent MR3, ISAKMP SA
established); EVENT_SA_REPLACE in 3285s; newest ISAKMP; lastdpd=-1s(seq in:0
out:0); idle; import:not set
000
On Thursday, October 24, 2013 7:57 AM, Pruss Brian-ABP035
wr
Hi Everyone,
I appreciate if someone can help me with some configuration issue that I am
facing with.
I have a Linux machine running Strongswan 5.0.4-1 . That machine gets
connected to the internet via a modem ( 3g GSM AT@T)and it gets different IP
address every time it connects( like 10.227.1
On Tuesday, October 22, 2013 11:42 AM, Farid Farid wrote:
Hi Everyone,
I need help to connect my strongswan based machine to a openswan based
machine behind NAT ( host-host).
On my remote machine which runs strongswan here is the output of >> ipsec up
1 which tr
Hi Everyone,
I need help to connect my strongswan based machine to a openswan based
machine behind NAT ( host-host).
On my remote machine which runs strongswan here is the output of >> ipsec up
1 which tries to connect to the other end:
It seems it never connects.
root@LMU5k:~
18:35, Farid Farid wrote:
> Hi Martin,
>
> After establishing the successful secure connection between two hosts I
> am using PING to validate the connectivity.
>
> I am capturing the data using TCPDUMP. It is interesting that I can
> still see the ech-request in plain text
:29:46.463225 IP 192.168.1.209 > 192.168.1.55: ESP(spi=0xcaec41a1,seq=0x2c),
length 132
Am I supposed to see one packet in plain text? would it be any reason for it?
Thanks a lot for your help.
Farid
On Friday, October 18, 2013 9:08 AM, Farid Farid wrote:
Thanks Martin for the good deta
Thanks Martin for the good detail. Yes that was the problem. It works with
IKvE2.
Best Regards,
Farid
On Thursday, October 17, 2013 11:49 PM, Martin Willi
wrote:
Hi Farid,
> I have observed if I select charonstat=yes and plutostart=no ipsec
> is not listening in all interfaces
With
Hello Everyone,
I have a machine Ubunto 12.0 with strongSwan 4.5.2.1.
I have observed if I select charonstat=yes and plutostart=no ipsec is not
listening in all interfaces and it never receives any connection from outside.
>>netstat -ualn shows the following:
udp 0 0 0.0
Hello Everyone,
I have a question about compatibility between Openswan and Strongsswan.
I need to connect one machine with Strongswan (4.5.2) to another machine
running Openswan (2.6.32) using PSK.
Would it be any consideration to do that or it is a straight forward task?
Thanks,
Farid___
I got this working .I am not sure what I did but the tunnel gets established
with no error.
Thanks,
Farid
From: Farid Farid
To: Farid Farid ; "users@lists.strongswan.org"
Sent: Tuesday, August 27, 2013 2:00 PM
Subject: no IKE config
Hello Everyone,
I have two machines one Ubunto 12.0 with strongSwan 4.5.2.1 and one a Openwrt
router running strongswan 5.0.4.1.
I am configuring a simple host-host topology with secret key ( password). I
ran >>ipsec start --nofork on ubuntu machine and >>ipsec up conn on Openwrt
router
Helo Everyone,
I have two machines one Ubunto 12.0 with strongSwan 4.5.2.1 and one a Openwrt
router running strongswan 5.0.4.1.
I am configuring a simple host-host topology with secret key ( password). I
ran >>ipsec start --nofork on ubuntu machine and >>ipsec up conn on Openwrt
router .Yo
Thanks Dan and Noel. :)
That is what I needed.
Thanks,
Farid
From: Dan Cook
To: Farid Farid
Cc: "users@lists.strongswan.org"
Sent: Monday, August 26, 2013 4:50 PM
Subject: Re: [strongSwan] >>ipsec reload question
ipsec rereadse
Hello everyone,
Is there anyway to upload changes in ipsec.secrets without restarting the
ipsec? (>> ipsec restart will effect other established connections)
I learned that >>ipsec update or >>ipsec reload only uploads changes
in ipsec.conf.
Thanks,
Farid_
7a86c,seq=0x3),
length 132
01:24:46.87
Thanks,
Farid
____
From: Farid Farid
To: Andreas Steffen
Cc: "users@lists.strongswan.org"
Sent: Thursday, August 1, 2013 9:28 AM
Subject: Re: [strongSwan] No private key found for 'C=CA
Hi Andreas,
Thank you so much .It is working now:!! :)
Cheers,
Farid
From: Andreas Steffen
To: Farid Farid
Cc: Martin Willi ; "users@lists.strongswan.org"
Sent: Wednesday, July 31, 2013 11:37 PM
Subject: Re: [strongSwan] No private key fou
mac
stroke kernel-netlink socket-default updown
00[JOB] spawning 16 worker threads
charon (2628) started after 80 ms
08[CFG] received stroke: add connection 'lmu56'
08[LIB] building CRED_CERTIFICATE - ANY failed, tried 1 builders
08[CFG] loading certificate from 'lmu56Cert.pem' fa
ue?
Is there anyway to check if certificates and Keys are Ok before laoding them to
the target machine?
Is it possible that strongswan compiled for this target machine is not a full
package? However I installed all required package base on OpenWrt wiki page.
My build compiler is
Hi Community,
I am wonder if here is the right place to ask basic questions regarding
Strongswan and ipsec. I have posted some questions but got no reply at all
which is kind of disappointing.
Hope this time I get an answer or at least someone can tell me where I should
post my questions.
.168.1.56[lmu56.strongswan.com]...192.168.1.55[lmu55.strongswan.com]
lmu56[1]: IKEv1 SPIs: 77df8f5e925d19d7_i* a0153d6dae17c55b_r, pre-shared
key reauthentication in 52 minutes
lmu56[1]: IKE proposal: AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
________
Hi everyone,
I am trying to setup a simple ipsec tunnel ( net-to-net) using PSK following
the example showing here in strongswan website:
http://www.strongswan.org/uml/testresults/ikev1/net2net-psk/
I am running strongswan 5.0.1 on both sides and I am using the exact set up
shown in th
Hello All,
I am new in this community and strongswan.
I would like to setup the simplest possible scenario for ipsec between two
units.
I am using host-host example on strongswan website using PSK. One unit (left
side )is running strongswan 5.0.1 (Embedded target on Openwrt attitude) and
anoth
23 matches
Mail list logo
