ipsec??
Hi All!
I m having problem with my redhat 9.0 I need to test few things using ipsec. But I really want to know few things first. 1) How can i check if ipsec is "installed" on my system. 2) If its not "installed" How can i do it. I did check on freeS/WAN and all i got was to recompile the kernel things .is that wat i have to do ? any help from u guys TIA waiting for answer |
IIRC, you should see ipsec0 (tunnel) when you type #ifconfig.
IPSec usually located at /usr/lib/ipsec. If you don't have support for ipsec, you would have to recompile the kernel and install FreeSWan |
thanx sir, I downloaded and installed the freeS/Wan package and now my ipsec services are enabled.
but i wonder if i could use kame instead of free S/WAN coz it looks pretty easy to manage than free S/WAN. but i only see kame for openbsd freebsd netbsd etc etc . any clues. |
as stated on kame project web site:
...to provide a free IPv6 and IPsec (for both IPv4 and IPv6) stack for BSD variants to the world It means that you can't use kame on RH 9. Read the online manual for FreeSWan configuration http://www.freeswan.org/doc.html you might find useful information at http://www.ipsec-howto.org |
Hi again
I again ran into some trouble with swan I downloaded the rpm and did some rpm -i etc the swan is installed and i created some sample connections. and they did not seem to work and when i did ipsec whack --listen it shows me the following message 002 listening for IKE messages 002 forgetting secrets 002 loading secrets from "/etc/ipsec.secrets" 003 "/etc/ipsec.secrets" line 3: syntax error in IPv6 numeric address "192.168.0.26:PSK" i dono from where this IPv6 has dropped in (i know it must be one of my mistakes) Following are the rpms that i intalled freeswan-module-1.99_x509_0.9.15_2.4.20_8-0.i386.rpm freeswan-1.99_x509_0.9.15_2.4.20_8-0.i386.rpm any ideas pros?? TIA desperately waiting for a reply |
Have you got it fixed yet? I think /etc/ipsec.secrets contains your RSA signature. Maybe you can try recreating the ipsec.secrets file. There should be docs on how to do that. I have not had problems with this but I have moved on to using .x509 certificates for authentication in order to interoperate with windows xp. It is not that complicated and /etc/ipsec.secrets will contain just a single line indicating the file name of your certificate.
|
All times are GMT -5. The time now is 04:29 PM. |