It seems that I was provided the wrong peer IP (which was also running an
IPSEC endpoint but with different settings). So after placing the right IP
address in the ipsec.conf the flows are established although I get some
errors like:
Default responder_recv_HASH_SA_NONCE: peer proposed invalid phas
Hi,
I am trying to create an IPSEC tunnel between an OpenBSD 5.8 and VMWare's
vcloud air cloud platform.
The options that I can set from the vmware side (they provide a GUI) are
specific and they are the following:
-Local networks
-Remote networks
-Peer
-Pre shared key
-Encryption (3DES)
On the
On Wednesday, June 18, 2014 15:27 CEST, Stuart Henderson
wrote:
> On 2014-06-18, Sebastian Reitenbach wrote:
> > The only difference I see, but I'm unsure if this is OK or not, is that
> > the OpenBSD box sends ENCAPSULATION_MODE = TUNNEL, and the
> > Cisco box sends ENCAPSULATION_MODE = UDP_
On 2014-06-18, Sebastian Reitenbach wrote:
> The only difference I see, but I'm unsure if this is OK or not, is that
> the OpenBSD box sends ENCAPSULATION_MODE = TUNNEL, and the
> Cisco box sends ENCAPSULATION_MODE = UDP_ENCAP_TUNNEL.
> I'm not sure if that is expected, since the Cisco is behind a
On Wednesday, June 18, 2014 08:49 CEST, Remi Locherer
wrote:
> On Tue, Jun 17, 2014 at 05:34:27PM +0200, Sebastian Reitenbach wrote:
> > Hi,
> >
> > I'm trying to establish an IPSec tunnel between an OpenBSD 5.5 (amd64)
> > box and a Cisco 2901, the whole day, but doesn't seem to
> > get it t
On Tue, Jun 17, 2014 at 05:34:27PM +0200, Sebastian Reitenbach wrote:
> Hi,
>
> I'm trying to establish an IPSec tunnel between an OpenBSD 5.5 (amd64)
> box and a Cisco 2901, the whole day, but doesn't seem to
> get it to work. I think I have something wrong with the
> crypto transforms for phase
Hi,
I'm trying to establish an IPSec tunnel between an OpenBSD 5.5 (amd64)
box and a Cisco 2901, the whole day, but doesn't seem to
get it to work. I think I have something wrong with the
crypto transforms for phase two, since this NO_PROPOSAL_CHOSEN
I get in the logs, which I think is in phase t
"Sebastian Reitenbach" <[EMAIL PROTECTED]> wrote:
> Hi,
>
> in /etc/ipsec.conf I have the following configured:
>
> ike active esp from 192.168.14.12/24 to 172.22.34.0/16 \
>local $our_gw peer $remote1_gw \
>main auth hmac-sha2-256 enc 3des group grp2 \
>quick auth hmac-s
Hi,
in /etc/ipsec.conf I have the following configured:
ike active esp from 192.168.14.12/24 to 172.22.34.0/16 \
local $our_gw peer $remote1_gw \
main auth hmac-sha2-256 enc 3des group grp2 \
quick auth hmac-sha2-256 enc aes group modp1024 \
psk "AKey"
ike active esp
Hi,
> > >
> > > I setup a tunnel between a pix and an openbsd isakmpd to
> > > connect two networks behind each tunnel endpoint.
> > > pinging through the tunnel from both sides works, for
> > > the first 15 minutes. then the ping stops working.
> > > When I recreate the tunnel, then the ping st
Hi,
[EMAIL PROTECTED] wrote:
>
> It will be helpful, if you can give the corresponding PIX configuration as
well.
> your ipsecctl.conf seems to be good! Can you give us the output of
ipsecctl -vv
> -sa and tail -f /var/log/{daemon, messages}
>
just got the relevant part of the PIX config, so
Hi,
I forgot to mention, I am running OpenBSD 4.1 stable.
Sebastian
"Sebastian Reitenbach" <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I setup a tunnel between a pix and an openbsd isakmpd to
> connect two networks behind each tunnel endpoint.
> pinging through the tunnel from both sides works, for
>
Sebastian Reitenbach wrote:
Hi,
I setup a tunnel between a pix and an openbsd isakmpd to
connect two networks behind each tunnel endpoint.
pinging through the tunnel from both sides works, for
the first 15 minutes. then the ping stops working.
When I recreate the tunnel, then the ping starts t
Hi,
I setup a tunnel between a pix and an openbsd isakmpd to
connect two networks behind each tunnel endpoint.
pinging through the tunnel from both sides works, for
the first 15 minutes. then the ping stops working.
When I recreate the tunnel, then the ping starts to
work again. I start isakmpd
14 matches
Mail list logo
