LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Closed Thread
 
Search this Thread
Old 10-05-2006, 02:06 AM   #1
squirtle
Member
 
Registered: Jun 2006
Posts: 55

Rep: Reputation: 15
Unhappy How to implement IPsec in IPv6 postfix mail server


I start my IPsec use IPsec-tools.I configure two files that are /etc/racoon/racoon.conf and /etc/racoon/setkey.sh.
That is my racoon.conf
path include "/etc/racoon";
path pre_shared_key "/etc/racoon/psk.txt";
#path certificate "/etc/racoon/certs";

listen
{
isakmp 2001:328:2003:2::5;
}

remote 2001:328:2003:2::10
{
exchange_mode main;
lifetime time 24 hour;
proposal
{
encryption_algorithm 3des;
hash_algorithm md5;
authentication_method pre_shared_key;
dh_group 2;
}
}

sainfo address 2001:328:2003:2::5 any address 2001:328:2003:2::10 any
{
lifetime time 1 hour;
encryption_algorithm 3des;
authentication_algorithm hmac_md5;
compression_algorithm deflate;
}

sainfo address 2001:328:2003:2::10 any address 2001:328:2003:2::5 any
{
lifetime time 1 hour;
encryption_algorithm 3des;
authentication_algorithm hmac_md5;
compression_algorithm deflate;
}

include "/etc/racoon/192.168.1.5.conf";
include "/etc/racoon/192.168.1.2.conf";
include "/etc/racoon/2001:328:2003:2::2.conf";
include "/etc/racoon/2001:328:2003:2::10.conf";

my "setkey.sh"

#!/sbin/setkey -f
flush;
spdflush;
spdadd 2001:328:2003:2::1 2001:328:2003:2::2 any -P out ipsec esp/transport//require;
spdadd 2001:328:2003:2::2 2001:328:2003:2::1 any -P in ipsec esp/transport//require;

then i tye setkey -D
[root@mailv6 racoon]# setkey -D
No SAD entries.


Thanks.

Last edited by squirtle; 10-05-2006 at 02:14 AM.
 
Old 10-05-2006, 09:02 PM   #2
squirtle
Member
 
Registered: Jun 2006
Posts: 55

Original Poster
Rep: Reputation: 15
Problem compile kernel to support IPsec

My kernel version is 2.6.15-1.2054_FC5 ,so should I recompile my kernle to support IPsec?
Thanks.
 
Old 06-05-2011, 01:26 AM   #3
karthik3152
LQ Newbie
 
Registered: May 2011
Posts: 10
Blog Entries: 3

Rep: Reputation: Disabled
Look into this url,it may be of some help:

driving traffic not allowed here!

Last edited by colucix; 06-05-2011 at 01:47 AM. Reason: advertising removed
 
Old 06-05-2011, 01:46 AM   #4
colucix
Moderator
 
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.5 OpenSuSE 12.3
Posts: 10,489

Rep: Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956Reputation: 1956
Please, don't resurrect ancient threads only to promote your own site. This is in violation of the LQ rules:
Quote:
  • Do not post if you do not have anything constructive to say in the post.
  • When posting in an existing thread, ensure that what you're posting is on-topic and relevant to the thread. If the content of your post will interfere with the current discussion, you should start a new thread.
  • There is no advertising allowed in the forums.
This thread closed.
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to start implement the IPsec squirtle Linux - Newbie 3 10-03-2006 12:16 PM
IPSEC To implement VPN UltraSoul Solaris / OpenSolaris 7 08-22-2005 02:47 AM
problem receiving pop3 mail from postfix mail server GEN_Electric Linux - Software 2 02-14-2005 02:43 PM
How to implement a SMTP server for outgoing mail? Nerox Programming 1 07-02-2004 03:43 AM
Postfix mail server not accepting incoming mail from the external interface rexmundi Linux - Networking 7 12-22-2003 03:41 PM


All times are GMT -5. The time now is 03:23 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration