LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   ipsec?? (https://www.linuxquestions.org/questions/linux-security-4/ipsec-79412/)

new user 08-06-2003 01:27 AM
ipsec??
 
Hi All!
I m having problem with my redhat 9.0
I need to test few things using ipsec.
But
I really want to know few things first.
1) How can i check if ipsec is "installed" on my system.
2) If its not "installed" How can i do it. I did check on freeS/WAN and all i got was to recompile the kernel things .is that wat i have to do ?

any help from u guys
TIA
waiting for answer

cIx 08-06-2003 04:04 AM
IIRC, you should see ipsec0 (tunnel) when you type #ifconfig.
IPSec usually located at /usr/lib/ipsec.

If you don't have support for ipsec, you would have to recompile the kernel and install FreeSWan

new user 08-06-2003 06:03 AM
thanx sir, I downloaded and installed the freeS/Wan package and now my ipsec services are enabled.
but i wonder if i could use kame instead of free S/WAN coz it looks pretty easy to manage than free S/WAN.
but i only see kame for openbsd freebsd netbsd etc etc .
any clues.

cIx 08-06-2003 06:09 AM
as stated on kame project web site:

...to provide a free IPv6 and IPsec (for both IPv4 and IPv6) stack for BSD variants to the world

It means that you can't use kame on RH 9.

Read the online manual for FreeSWan configuration
http://www.freeswan.org/doc.html

you might find useful information at http://www.ipsec-howto.org

new user 08-07-2003 05:52 AM
Hi again
I again ran into some trouble with swan
I downloaded the rpm and did some rpm -i etc
the swan is installed and i created some sample connections.
and they did not seem to work
and when i did ipsec whack --listen
it shows me the following message

002 listening for IKE messages
002 forgetting secrets
002 loading secrets from "/etc/ipsec.secrets"
003 "/etc/ipsec.secrets" line 3: syntax error in IPv6 numeric address "192.168.0.26:PSK"

i dono from where this IPv6 has dropped in (i know it must be one of my mistakes)
Following are the rpms that i intalled
freeswan-module-1.99_x509_0.9.15_2.4.20_8-0.i386.rpm
freeswan-1.99_x509_0.9.15_2.4.20_8-0.i386.rpm
any ideas pros??
TIA
desperately waiting for a reply

cmisip 08-18-2003 11:37 PM
Have you got it fixed yet? I think /etc/ipsec.secrets contains your RSA signature. Maybe you can try recreating the ipsec.secrets file. There should be docs on how to do that. I have not had problems with this but I have moved on to using .x509 certificates for authentication in order to interoperate with windows xp. It is not that complicated and /etc/ipsec.secrets will contain just a single line indicating the file name of your certificate.


All times are GMT -5. The time now is 04:29 PM.