LinuxQuestions.org
10-30-2006, 03:03 AM   #1
piggyj
IPSec: Red Hat Configuration

This is my first time configuring IPSec.

Before configuration, I can do:
telnet x.y.y.y port

But after configuration, I get:

telnet: Unable to connect to remote host: Resource temporarily unavailable

Here's how I did the IPsec configuration:

1. set net.ipv4.ip_forward to 1

2. sysctl -p /etc/sysctl.conf

3. create /etc/sysconfig/network-scripts/ifcfg-ipsec0
DEVICE=ipsec0
TYPE=IPsec
ONBOOT=yes
IKE_METHOD=PSK
SRCNET=x.x.x.0/24
SRC=x.x.x.x
DST=x.y.y.y

4. created pre-shared key file /etc/sysconfig/network-scripts/keys-ipsec0
IKE_PSK=r3dh4tl1nux

5. chmod 600 /etc/sysconfig/network-scripts/keys-ipsecX

6. ifup ipsec0

Can someone help me?
 
11-01-2006, 08:32 PM   #2
piggyj

Here's an update. I did some tests:

node 1 = x.x.x.14
node 2 = x.x.x.13


If I do Ipsec - Win to Win - it works.

If I do Ipsec - RHEL to RHEL - it works.

10:14:29.913735 x.x.x.14 > x.x.x.13: AH(spi=0x0e8edaca,seq=0x23): ESP(spi=0x0cc2c94b,seq=0x23) (DF)
10:14:29.913827 x.x.x.13 > x.x.x.14: AH(spi=0x0496ce3b,seq=0x1): ESP(spi=0x0950e71c,seq=0x1)


With this config, on both RHEL servers:
DEVICE=ipsec0
TYPE=IPSEC
ONBOOT=yes
IKE_METHOD=PSK
SRC=x.x.x.14
DST=x.x.x.13

keys-ipsec0
IKE_PSK=mypassword

If I do Ipsec - Win to RHEL - it doesn't work.

Is this supported? Am I missing anything?
 
11-05-2006, 08:07 AM   #3
piggyj
:-(

Still having problems.

Windows box, when I ping the Linux Box:
Negotiating IP Security.

And on the Linux box, when I ping Windows box:
connect: Resource temporarily unavailable.
 
11-21-2006, 12:49 AM   #4
piggyj
now getting...

2006-11-21 14:43:45: ERROR: isakmp_inf.c:838:isakmp_info_recv_n(): unknown notify message, no phase2 handle found.
2006-11-21 14:43:45: DEBUG: isakmp_inf.c:860:isakmp_info_recv_n(): notification message 14:NO-PROPOSAL-CHOSEN, doi=1 proto_id=3 spi=00000000(size=4).
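
Added example, not part of the original posts and not racoon or tcpdump code: a Python sketch that decodes the notification line from post #4 and lists the IPsec headers seen in the capture from post #2. The function names are made up for this example; the numeric tables are taken from RFC 2408 (notify message types) and RFC 2407 (IPsec DOI protocol IDs).

```python
import re

# Notify message types, RFC 2408 section 3.14.1 (subset).
NOTIFY = {11: "INVALID-SPI", 13: "ATTRIBUTES-NOT-SUPPORTED",
          14: "NO-PROPOSAL-CHOSEN", 24: "AUTHENTICATION-FAILED"}
# Protocol identifiers of the IPsec DOI, RFC 2407 section 4.4.1.
PROTO = {1: "ISAKMP", 2: "AH", 3: "ESP", 4: "IPCOMP"}

NOTIFY_RE = re.compile(
    r"notification message (\d+):([A-Z0-9-]+), doi=(\d+) proto_id=(\d+) "
    r"spi=([0-9a-f]+)\(size=(\d+)\)")
# tcpdump prints one "PROTO(spi=...,seq=...)" group per IPsec header.
HEADER_RE = re.compile(r"\b(AH|ESP)\(spi=(0x[0-9a-f]+),seq=(0x[0-9a-f]+)\)")
FLOW_RE = re.compile(r"^\S+ (\S+) > (\S+):")

# Input lines copied from posts #4 and #2 of this thread.
RACOON_LINE = ("2006-11-21 14:43:45: DEBUG: isakmp_inf.c:860:isakmp_info_recv_n(): "
               "notification message 14:NO-PROPOSAL-CHOSEN, doi=1 proto_id=3 "
               "spi=00000000(size=4).")
CAPTURE = [
    "10:14:29.913735 x.x.x.14 > x.x.x.13: AH(spi=0x0e8edaca,seq=0x23): "
    "ESP(spi=0x0cc2c94b,seq=0x23) (DF)",
    "10:14:29.913827 x.x.x.13 > x.x.x.14: AH(spi=0x0496ce3b,seq=0x1): "
    "ESP(spi=0x0950e71c,seq=0x1)",
]

def decode_notify(line):
    """Return the decoded fields of a racoon notification line, or None."""
    m = NOTIFY_RE.search(line)
    if not m:
        return None
    num, name, doi, proto, spi, size = m.groups()
    return {"type": int(num), "name": name,
            "known": NOTIFY.get(int(num)) == name,  # number and name agree
            "doi": "IPsec" if doi == "1" else "doi " + doi,
            "protocol": PROTO.get(int(proto), "unknown"),
            "spi": spi, "spi_size": int(size)}

def headers_in_capture(lines):
    """Map (src, dst) to the set of IPsec header stacks seen in tcpdump output."""
    flows = {}
    for line in lines:
        flow = FLOW_RE.match(line)
        stack = tuple(h[0] for h in HEADER_RE.findall(line))
        if flow and stack:
            flows.setdefault(flow.groups(), set()).add(stack)
    return flows

if __name__ == "__main__":
    print(decode_notify(RACOON_LINE))
    print(headers_in_capture(CAPTURE))
```

On these lines the notify decodes to NO-PROPOSAL-CHOSEN for the ESP protocol, while the RHEL-to-RHEL capture carries AH around ESP in both directions, so the phase 2 proposals configured on each peer are the settings to compare.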
 
  


All times are GMT -5. The time now is 09:26 PM.
