LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page [SOLVED] ipsec woes
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 02-11-2013, 05:00 AM   #1
bigearsbilly
Senior Member
 
Registered: Mar 2004
Location: england
Distribution: Mint, Armbian, NetBSD, Puppy, Raspbian
Posts: 3,515

Rep: Reputation: 239Reputation: 239Reputation: 239
ipsec woes

I am using ipsec and racoon to try to connect as a client to a cicso VPN.
I think the tunnel is OK:

Code:
2013-02-11 10:50:43: INFO: IPsec-SA established: ESP/Tunnel
2013-02-11 10:54:03: DEBUG: received a valid R-U-THERE, ACK sent
tcpdump shows isakmp traffic both ways:
Code:
10:57:03.454441 IP IDC.isakmp > TMI.isakmp: isakmp: phase 2/others ? inf[E]
10:57:03.456719 IP TMI.isakmp > IDC.isakmp: isakmp: phase 2/others ? inf[E]



when I try to ping or telnet to the server tcpdump on my outbound nic shows
ESP seems to be sent over the wire but nothing appears to come back.
any ideas?

Code:
10:58:35.425940 IP TMI > IDC: ESP(spi=0xe15a43ea,seq=0x41), length 92
10:58:41.425972 IP TMI > IDC: ESP(spi=0xe15a43ea,seq=0x42), length 92
Last edited by bigearsbilly; 02-11-2013 at 05:18 AM. Reason: grammar
 
Old 02-12-2013, 11:17 AM   #2
scheidel21
Senior Member
 
Registered: Feb 2003
Location: CT
Distribution: Debian 6+, CentOS 5+
Posts: 1,323

Rep: Reputation: 100Reputation: 100
Is ICMP echo allowed on the CISCO device acting as the server? Are you able to get to internal resources? Have you checked routing? Do you see the connection on the CISCO device?
 
Old 02-14-2013, 06:10 AM   #3
bigearsbilly
Senior Member
 
Registered: Mar 2004
Location: england
Distribution: Mint, Armbian, NetBSD, Puppy, Raspbian
Posts: 3,515

Original Poster
Rep: Reputation: 239Reputation: 239Reputation: 239
I have done it.
It was just a matter of getting my head down and learning it. It was incorrect spd stuff.

If anyone is interested I am working on a script for it.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
vpn-ipsec : Failed to parse config setup portion of ipsec.conf hari85 Linux - Newbie 1 07-17-2010 08:12 PM
Help with IPSec!! vishamr2000 Fedora 2 03-14-2008 12:38 AM
ipsec help ankscorek Linux - Networking 1 03-30-2006 03:42 AM
Ipsec MarleyGPN Linux - Networking 1 07-15-2003 08:18 AM
ipsec pk21 Linux - Software 2 01-30-2003 06:39 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:13 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration