[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] IPSEC - SuSE 9.1 - Shorewall 2.x



Hi all,

I use the same setup in production with Suse 8.1 / 8.2 and 9.0,
IPSEC-VPN with Freeswan and Shorewall as firewall.
ipsec.conf is modified for this new setup, main difference is
the kernel 2.6.x

what happens:
- I don't see an interface "ipsec0" or similar anymore when I startup IPSEC
- I get errors in firewall logs about connection attempts from my road-
warriors on port 4500 (???) what's this ?
- My gateway "sees" the attempts to exchange SA info on port 500,
but never gets farther as to complain about incomplete packets.

Clients are W2K and WXP, both work ok with other freeswan connections
and the same way to produce x.509 certs.

Any hints ?

Regards,
Mit freundlichen Grüßen, Philipp Rusch


-----------------------------------------------------------------
| EDV Beratung Rusch          EDP Consulting Rusch                |
| Philipp Rusch               IBM Certified AS/400 Specialist     |
| Am Errlich 9                WWW   : http://www.rusch-edv.de/    |
| D-61191 Rosbach,            Mailto: Philipp.Rusch@xxxxxxxxxxxx  |
| Germany                     Ust.-ID: DE 157 548 731             |
| Phone: (+49) 6003 3972      Mobile : (+49) 172 89 86 230        |
| Fax  : (+49) 6003 3795                                          |
|                                                                 |
-----------------------------------------------------------------

Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
Informationen. Wenn Sie nicht der richtige Adressat sind oder diese
E-Mail irrtümlich erhalten haben, informieren Sie bitte den Absender
und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die
unbefugte Weitergabe dieser E-Mail ist nicht gestattet.

This e-mail may contain confidential and/or privileged information.
If you are not the intended recipient (or have received this e-mail
in error) please notify the sender and destroy this e-mail. Any
unauthorised copying, disclosure or distribution of the material
in this e-mail is strictly forbidden.