LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-06-2003, 01:27 AM   #1
new user
LQ Newbie
 
Registered: Jul 2003
Location: pakistan
Distribution: redhat 9
Posts: 10

Rep: Reputation: 0
ipsec??


Hi All!
I m having problem with my redhat 9.0
I need to test few things using ipsec.
But
I really want to know few things first.
1) How can i check if ipsec is "installed" on my system.
2) If its not "installed" How can i do it. I did check on freeS/WAN and all i got was to recompile the kernel things .is that wat i have to do ?

any help from u guys
TIA
waiting for answer
 
Old 08-06-2003, 04:04 AM   #2
cIx
Member
 
Registered: Aug 2003
Location: /dev/null
Posts: 40

Rep: Reputation: 15
IIRC, you should see ipsec0 (tunnel) when you type #ifconfig.
IPSec usually located at /usr/lib/ipsec.

If you don't have support for ipsec, you would have to recompile the kernel and install FreeSWan
 
Old 08-06-2003, 06:03 AM   #3
new user
LQ Newbie
 
Registered: Jul 2003
Location: pakistan
Distribution: redhat 9
Posts: 10

Original Poster
Rep: Reputation: 0
thanx sir, I downloaded and installed the freeS/Wan package and now my ipsec services are enabled.
but i wonder if i could use kame instead of free S/WAN coz it looks pretty easy to manage than free S/WAN.
but i only see kame for openbsd freebsd netbsd etc etc .
any clues.
 
Old 08-06-2003, 06:09 AM   #4
cIx
Member
 
Registered: Aug 2003
Location: /dev/null
Posts: 40

Rep: Reputation: 15
as stated on kame project web site:

...to provide a free IPv6 and IPsec (for both IPv4 and IPv6) stack for BSD variants to the world

It means that you can't use kame on RH 9.

Read the online manual for FreeSWan configuration
http://www.freeswan.org/doc.html

you might find useful information at http://www.ipsec-howto.org

Last edited by cIx; 08-06-2003 at 06:13 AM.
 
Old 08-07-2003, 05:52 AM   #5
new user
LQ Newbie
 
Registered: Jul 2003
Location: pakistan
Distribution: redhat 9
Posts: 10

Original Poster
Rep: Reputation: 0
Hi again
I again ran into some trouble with swan
I downloaded the rpm and did some rpm -i etc
the swan is installed and i created some sample connections.
and they did not seem to work
and when i did ipsec whack --listen
it shows me the following message

002 listening for IKE messages
002 forgetting secrets
002 loading secrets from "/etc/ipsec.secrets"
003 "/etc/ipsec.secrets" line 3: syntax error in IPv6 numeric address "192.168.0.26:PSK"

i dono from where this IPv6 has dropped in (i know it must be one of my mistakes)
Following are the rpms that i intalled
freeswan-module-1.99_x509_0.9.15_2.4.20_8-0.i386.rpm
freeswan-1.99_x509_0.9.15_2.4.20_8-0.i386.rpm
any ideas pros??
TIA
desperately waiting for a reply
 
Old 08-18-2003, 11:37 PM   #6
cmisip
Member
 
Registered: Aug 2002
Posts: 189

Rep: Reputation: 30
Have you got it fixed yet? I think /etc/ipsec.secrets contains your RSA signature. Maybe you can try recreating the ipsec.secrets file. There should be docs on how to do that. I have not had problems with this but I have moved on to using .x509 certificates for authentication in order to interoperate with windows xp. It is not that complicated and /etc/ipsec.secrets will contain just a single line indicating the file name of your certificate.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Nat ipsec Datacenter1 Linux - Networking 0 08-25-2005 09:43 AM
IPSec eagle683 Linux - Security 5 06-10-2005 10:53 AM
IPsec cranium2004 Linux - Security 5 05-01-2005 08:21 PM
Ipsec MarleyGPN Linux - Networking 1 07-15-2003 08:18 AM
ipsec pk21 Linux - Software 2 01-30-2003 06:39 AM


All times are GMT -5. The time now is 09:13 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration