[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] IPSEC - SuSE 9.1 - Shorewall 2.x
I got one step nearer to my goals:
ISAKMP SA is established, so key-exchange seems to work and
encryption is not the reason.
But pluto complains, that he cannot find a connection for that SA,
although everything else is *exactly* like on 9.0 before.
I did define my roadwarriors like that:
# /etc/ipsec.conf - FreeS/WAN IPsec configuration file
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
# default settings for connections
# OE policy groups are disabled by default
# VPN connection Roadwarrior 1
I also added rightid= .... to my conf, but nothing changed !
Any hint appreciated,
Philipp Rusch schrieb:
first, thanks for your fast reply :-)
next, I get errors when booting about interface "sit0", has
this something to do with the new ipsec / Freeswan 2.04 versions ?
With SuSE 9.0 this was no problem at all, whats wrong here ?
I mean what IS differnet ?)
I use the same setup in production with Suse 8.1 / 8.2 and 9.0,
IPSEC-VPN with Freeswan and Shorewall as firewall.
ipsec.conf is modified for this new setup, main difference is
the kernel 2.6.x
- I don't see an interface "ipsec0" or similar anymore when I
Native IPsec doesn't have a virtual interface anymore, you only get
- I get errors in firewall logs about connection attempts from my road-
warriors on port 4500 (???) what's this ?
UDP port 4500 is the ESP-Protocoll, I guess thats why your
Roadwarriors are acting strange, too.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here