Questions tagged [ipsec]
135 questions
1
vote
1
answer
60
views
Traffic not passed to the local TCP/IP stack for ipsec tun made with ip xfrm over netns
I have a simple netns setup
ip netns del ns1
ip netns del ns2
ip netns add ns1
ip netns add ns2
ip link add veth1 type veth peer name veth2
ip link set veth1 netns ns1
ip link set veth2 netns ns2
...
- 111
0
votes
0
answers
120
views
StrongSwan says certificate not found but loads it when it boots up
I'm setting up a VPN server with strongSwan, but I’ve hit a weird issue where the licenses aren’t loading properly.
Right now, I’m using a Let’s Encrypt cert to connect from my iOS and macOS devices, ...
0
votes
0
answers
70
views
unable to connect to the remote server via StrongSwan IPSec. Linux Debian 12
I have a problem connecting to a remote server via StrongSwan IPsec. I tried connecting using FortiClient IPsec on Windows, and everything worked fine. I was able to connect! However, when I tried to ...
- 1
0
votes
0
answers
56
views
Ipsec vpn connected but cant ping the other router
I have two OpenWRT routers set up with an IPSec VPN tunnel between them. The tunnel is successfully established, but the traffic is not passing through the tunnel, and I'm unable to ping local devices ...
0
votes
1
answer
200
views
What are the correct iptables rules for an ipsec site to site?
I am trying to configure an IPSEC site to site using strongswan on Debian 12.
The VPN is UP, as shown below
Status of IKE charon daemon (strongSwan 5.9.8, Linux 6.1.0-30-cloud-amd64, x86_64):
...
- 1
0
votes
1
answer
22
views
How to know Solaris ipsec keys for ike in pkcs12 format?
I want to convert Solaris ipsec ike keys in a format suitable for Libreswan.
With the command ikecert I export the public key
ikecert certdb -e 0 > public.pem
and private key
ikecert certlocal -e ...
- 14.2k
0
votes
1
answer
47
views
Run a VPN server alongside a website served by Docker
I have a server running this CMS as a website by running a Docker file like this by docker-compose which internally uses nginxproxy/nginx-proxy and nginxproxy/acme-companion Docker images.
Now, I ...
- 1,579
0
votes
0
answers
422
views
Help with IKEv2 VPN Connection Error: NO_PROPOSAL_CHOSEN
I’m currently having trouble setting up an IKEv2 VPN connection on an Android device using strongSwan as the VPN server. Despite having a valid certificate and key setup on both ends, I keep getting ...
- 1
0
votes
0
answers
73
views
Strongswan - Communication doesn't work between hosts
I have created a SITE-TO-SITE IPSEC tunnel between my two branches, the tunnel is up and running and I can ping bidirectional both routers, the problem is that I can't do any type of communications (...
3
votes
1
answer
667
views
What's the "new" way of checking the established connections in strongswan
Previously it was in ipsec statusall.
Now with swanctl I can only see swanctl --list-conns but it only shows the configuration details, not the runtime statistics: eg bytes transferred, negotiated ...
- 839
0
votes
1
answer
940
views
Connect IPSEC VPN to network interface
I have a StrongSwan IPSEC VPN configured on my Ubuntu 22.04.4 LTS server. The VPN starts up and connects to the primary interface (eno1) successfully.
Using qBittorrent, I bind to the IP Address that ...
- 51
0
votes
0
answers
199
views
Gre over IPsec Throuput performance
I am testing FRR DMVPN using Strongswan IPSec + GRE. Tunnels work great and they are easily established between the branch offices. Tunnels work great and they are easily established between the ...
1
vote
1
answer
3k
views
Fix "unmanaged" network interface if it worked before
TL;DR;
Maybe I clicked vpn connect wrong and got disconnected from the network. That's why the answer is easy.
As usual I wanted to connect to my work network using ipsec via network manager applet. ...
- 31
1
vote
0
answers
122
views
OPNsense as an IPsec client
I want to setup a permanent VPN connection from one site to another. I already correctly set up an IPsec server on one site, reachable with a fixed IPv4 and IPv6, and domain.
What I want to do now, is ...
- 11
1
vote
0
answers
37
views
Unclear delays pinging over IPsec VPN
What could be the cause if every second ping is delayed for a second when pinging through the host-to-network VPN while at the same time pinging the security gateway outside the VPN takes 13 ms on ...
- 754