LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 08-16-2011, 08:49 AM   #1
saiyen2002
Member
 
Registered: Dec 2006
Location: London, UK
Distribution: Centos, Fedora
Posts: 53

Rep: Reputation: 0
best way for linux to connect to ipsec VPN?


I need to connect to an IPSEC VPN from my centos 5 server. What would be the easiest way to accomplish this?

I have done a little research, and linux with IPSEC mostly turns out openswan. Is this any good? I found lots of guides to setup an IPSEC server openswan, but not that many on how to use it as client to connect to remote IPSEC server

I am not that familiar with IPSEC VPN, so if you need more information, the details of the VPN server i am trying to connect to is as follows:

Authentication Method Pre Shared Key
Encryption Scheme IKE
Diffie-Hellman Group DH Group 2
Encryption Algorithm 3DES
Hashing Algorithm SHA
Main or Aggressive Mode Main Mode
Lifetime (for renegotiation) 2800 seconds
Encryption Algorithm 3DES
Integrity (Hash) SHA-1
Oakley Group DH Group 2
Perfect Forward Secrecy No PFS
Lifetime (for renegotiation) 3600 seconds
Life-size in KB (for renegotiation) Not used
 
Old 08-17-2011, 10:50 AM   #2
saiyen2002
Member
 
Registered: Dec 2006
Location: London, UK
Distribution: Centos, Fedora
Posts: 53

Original Poster
Rep: Reputation: 0
OK, i tried to use VPNC. but still not getting anywhere. leow is my output

[root@test1 vpnc]# vpnc --debug 1
Enter IPSec gateway address: 212.10.21.214
Enter IPSec ID for 212.10.21.214: telecoms
Enter IPSec secret for jersey@212.9.21.214:
Enter username for 212.10.21.214:
Enter password for @212.10.21.214:

vpnc version 0.5.3
IKE SA selected psk-3des-sha1
NAT status: this end behind NAT? YES -- remote end behind NAT? no
received notice of type (ISAKMP_N_R_U_THERE)(36136), giving up


---!!!!!!!!! entering phase2_fatal !!!!!!!!!---


vpnc: configuration response rejected: (ISAKMP_N_INVALID_MESSAGE_ID)(9)

Last edited by saiyen2002; 08-19-2011 at 05:42 AM.
 
Old 08-19-2011, 05:45 AM   #3
saiyen2002
Member
 
Registered: Dec 2006
Location: London, UK
Distribution: Centos, Fedora
Posts: 53

Original Poster
Rep: Reputation: 0
OK. The VPN that i am connecting is not working due to the follwing reason given by the VPN provider

".......This is achieved by point to point VNPs, which is what we require to set up here.

The VPN client that you wish to use is designed for remote access applications rather than a point to point application that is required here set-up on your firewall "

Guess I needd a point-to-point ipsec VPN for centos.

Any ideas anyone
 
  


Reply

Tags
ipsec, linux, openswan, vpn


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how connect to a Windows server using VPN l2TP/IPSEC PSK? YourPadre Slackware 0 05-16-2011 12:07 AM
vpn-ipsec : Failed to parse config setup portion of ipsec.conf hari85 Linux - Newbie 1 07-17-2010 09:12 PM
IPSec questions setting up to connect to a Linksys VPN router dendon Linux - Networking 2 10-30-2008 08:38 AM
Dynamic IP VPN between IpSec(OpenBSD) and Linux VPN software Peter_APIIT Linux - Server 2 04-09-2008 06:08 AM
Ipsec vpn in Linux ? winxandlinx Linux - Networking 2 02-07-2007 04:22 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:08 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration