Re: IPsec help: too much NAT!

2018-01-26 Thread Kenneth Gober
When faced with an ISP modem/router, I generally try to switch it to bridge mode and move the PPPoE / DHCP client formerly handled by the ISP hardware to the OpenBSD system instead. This rather simplifies things if you can make it work because then your OpenBSD system has the Internet-facing addre

Re: IPsec help: too much NAT!

2018-01-25 Thread Stuart Henderson
On 2018-01-25, Lyndon Nerenberg wrote: > I have an IPsec conundrum I'm trying to solve. Yes, the scenario > is somewhat absurd; it's also the problem I've been tasked with > solving, so spare the peanut gallery comments, okay? > > > NET-P GW-Q <-> internet <-> GW-H GW-V NET-V > > NET-P is 10.0

Re: IPsec help: too much NAT!

2018-01-25 Thread Lyndon Nerenberg
NET-P GW-Q <-> internet <-> GW-H GW-V NET-V In the schematic above, '' represents a NAT translation point. '<->' is a regular router interconnect. Except for where I screwed up, of course. That should read: NET-P GW-Q <-> internet <-> GW-H GW-V <-> NET-V I.e. the GW-V <-> NET-V interf

IPsec help: too much NAT!

2018-01-25 Thread Lyndon Nerenberg
I have an IPsec conundrum I'm trying to solve. Yes, the scenario is somewhat absurd; it's also the problem I've been tasked with solving, so spare the peanut gallery comments, okay? NET-P GW-Q <-> internet <-> GW-H GW-V NET-V NET-P is 10.0.2.0/24 NET-V is 10.0.11.0/24 GW-Q is an OpenBSD ho

Re: ipsec help needed

2008-03-16 Thread fRANz
On Sat, Mar 15, 2008 at 2:36 PM, Christian Weisgerber <[EMAIL PROTECTED]> wrote: > Barry Commander <[EMAIL PROTECTED]> wrote: > > > I'm trying to secure my wireless network using ipsec. I have the client and > > the router (both running a recent snapshot) communicating using esp > > fine as ind

Re: ipsec help needed

2008-03-15 Thread Barry Commander
Thanks a lot guys. Works perfectly! On 15/03/2008, Jochen Fabricius <[EMAIL PROTECTED]> wrote: > > Hi, > > this setup works for me (replaced with your IPs): > > on client: > > ike esp from 192.168.1.200 to 0.0.0.0/0 peer 192.168.1.1 > > on router: > > ike esp from 0.0.0.0/0 to 192.168.1.200 > > Bo

Re: ipsec help needed

2008-03-15 Thread Jochen Fabricius
Hi, by mistake I didn't reply to the mailing list. Here's my mail again: >> Hi, >> >> this setup works for me (replaced with your IPs): >> >> on client: >> >> ike esp from 192.168.1.200 to 0.0.0.0/0 peer 192.168.1.1 >> >> on router: >> >> ike esp from 0.0.0.0/0 to 192.168.1.200 >> >

Re: ipsec help needed

2008-03-15 Thread Christian Weisgerber
Barry Commander <[EMAIL PROTECTED]> wrote: > I'm trying to secure my wireless network using ipsec. I have the client and > the router (both running a recent snapshot) communicating using esp > fine as indicated by tcpdump when I ping the router from the client. > However the problem I'd like to so

Re: ipsec help needed

2008-03-15 Thread Alexey Vatchenko
I have the same setup at home and I didn't dig too deep in ipsec things but implemented it in the following way: - created gif tunnel. - in "ike esp transport proto ipencap" rule I specified exact IPs (physical address of gif tunnel). - set default route to tunnel's peer. I believe it's possib

ipsec help needed

2008-03-15 Thread Barry Commander
Hello I'm trying to secure my wireless network using ipsec. I have the client and the router (both running a recent snapshot) communicating using esp fine as indicated by tcpdump when I ping the router from the client. However the problem I'd like to solve is when I access the internet the traffic

Re: IPSec help..

2007-04-11 Thread Roy Kim
Windows firewall is off. Dump is as follows: # tcpdump -i sis0 'esp or (udp and (port 500 or port 4500))' tcpdump: listening on sis0, link-type EN10MB 21:06:26.205252 work.isakmp > home.isakmp: isakmp v1.0 exchange ID_PROT cookie: 1a0f8d5bb2637ce2-> msgid: len: 36

Re: IPSec help..

2007-04-11 Thread Hans-Joerg Hoexer
On Wed, Apr 11, 2007 at 01:28:28PM -0600, Roy Kim wrote: > I'm trying to set up an ipsec tunnel between an openbsd and a windows > box using X.509 certificates. Phase 1 gets successfully negotiated but > then things crap out at step 1 of phase 2 and I don't have a clue > what's wrong. Any thoughts?

IPSec help..

2007-04-11 Thread Roy Kim
I'm trying to set up an ipsec tunnel between an openbsd and a windows box using X.509 certificates. Phase 1 gets successfully negotiated but then things crap out at step 1 of phase 2 and I don't have a clue what's wrong. Any thoughts? Isakmpd debug messages just after phase 1 is negotiated and ips