LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   best way for linux to connect to ipsec VPN? (http://www.linuxquestions.org/questions/linux-networking-3/best-way-for-linux-to-connect-to-ipsec-vpn-897592/)

saiyen2002 08-16-2011 07:49 AM

best way for linux to connect to ipsec VPN?
 
I need to connect to an IPSEC VPN from my centos 5 server. What would be the easiest way to accomplish this?

I have done a little research, and linux with IPSEC mostly turns out openswan. Is this any good? I found lots of guides to setup an IPSEC server openswan, but not that many on how to use it as client to connect to remote IPSEC server

I am not that familiar with IPSEC VPN, so if you need more information, the details of the VPN server i am trying to connect to is as follows:

Authentication Method Pre Shared Key
Encryption Scheme IKE
Diffie-Hellman Group DH Group 2
Encryption Algorithm 3DES
Hashing Algorithm SHA
Main or Aggressive Mode Main Mode
Lifetime (for renegotiation) 2800 seconds
Encryption Algorithm 3DES
Integrity (Hash) SHA-1
Oakley Group DH Group 2
Perfect Forward Secrecy No PFS
Lifetime (for renegotiation) 3600 seconds
Life-size in KB (for renegotiation) Not used

saiyen2002 08-17-2011 09:50 AM

OK, i tried to use VPNC. but still not getting anywhere. leow is my output

[root@test1 vpnc]# vpnc --debug 1
Enter IPSec gateway address: 212.10.21.214
Enter IPSec ID for 212.10.21.214: telecoms
Enter IPSec secret for jersey@212.9.21.214:
Enter username for 212.10.21.214:
Enter password for @212.10.21.214:

vpnc version 0.5.3
IKE SA selected psk-3des-sha1
NAT status: this end behind NAT? YES -- remote end behind NAT? no
received notice of type (ISAKMP_N_R_U_THERE)(36136), giving up


---!!!!!!!!! entering phase2_fatal !!!!!!!!!---


vpnc: configuration response rejected: (ISAKMP_N_INVALID_MESSAGE_ID)(9)

saiyen2002 08-19-2011 04:45 AM

OK. The VPN that i am connecting is not working due to the follwing reason given by the VPN provider

".......This is achieved by point to point VNPs, which is what we require to set up here.

The VPN client that you wish to use is designed for remote access applications rather than a point to point application that is required here set-up on your firewall "

Guess I needd a point-to-point ipsec VPN for centos.

Any ideas anyone


All times are GMT -5. The time now is 05:23 PM.