On Thu, Oct 21, 2021 at 10:23:51AM +0200, Johann Belau wrote:
> Dear all,
>
> I am in desperate need of assistance for setting up an IKEv2 VPN tunnel to a
> remote LAN with OpenBSD as my VPN gateway.
>
> A short outline of what I'm trying to achieve:
>
> 1. I have a remote private LAN with
Dear all,
I am in desperate need of assistance for setting up an IKEv2 VPN tunnel to a
remote LAN with OpenBSD as my VPN gateway.
A short outline of what I'm trying to achieve:
1. I have a remote private LAN with Windows Servers and one OpenBSD gateway
(gateway has a public IP, the rest of
On Sat, Nov 11, 2006 at 11:58:14AM +0100, Joachim Schipper wrote:
On Fri, Nov 10, 2006 at 02:06:42PM -0600, Albert Chin wrote:
Then, from the VPN CLIENT, how would an ssh connection to 192.168.1.1,
server A on the internal network behind FW2, work? IPsec would encrypt
the packet between
On Fri, Nov 10, 2006 at 02:06:42PM -0600, Albert Chin wrote:
On Fri, Nov 10, 2006 at 07:11:41PM +0100, Joachim Schipper wrote:
On Fri, Nov 10, 2006 at 09:34:42AM -0600, Albert Chin wrote:
With the following firewall configuration, what recommendations does
anyone have for how we should
With the following firewall configuration, what recommendations does
anyone have for how we should handle VPN? I see two solutions:
1. Forward ipsec from FIREWALL 1 to FIREWALL 2 with isakmpd running
on FIREWALL 2.
2. Run isakmpd on FIREWALL 1 and nat the traffic from the VPN
network
On Fri, Nov 10, 2006 at 09:34:42AM -0600, Albert Chin wrote:
With the following firewall configuration, what recommendations does
anyone have for how we should handle VPN? I see two solutions:
1. Forward ipsec from FIREWALL 1 to FIREWALL 2 with isakmpd running
on FIREWALL 2.
2. Run
On Fri, Nov 10, 2006 at 07:11:41PM +0100, Joachim Schipper wrote:
On Fri, Nov 10, 2006 at 09:34:42AM -0600, Albert Chin wrote:
With the following firewall configuration, what recommendations does
anyone have for how we should handle VPN? I see two solutions:
1. Forward ipsec from FIREWALL
On Fri, Nov 10, 2006 at 02:06:42PM -0600, Albert Chin wrote:
Expanding on the config some more:
(fxp0)|(internal network - 192.168.0.0/24)
o
|VPN CLIENT |
o
Isn't this in the FAQ (yet/still)? It definitely is in the archives...
If you have a tunnel between the networks traffic between the
networks is the *only* traffic to be encrypted. See 'netstat -rn -f
encap', source and destination fields.
As soon as any of the gateways are involved,
Woo-hoo! I figured it out. On gateway1 I had to do, 'route add 192.168.3
192.168.1.1', and on gateway2, 'route add 192.168.1 192.168.3.1'.
I know I should send stuff about the man pages to hshoexer@, but is
that @openbsd.org, @cvs.openbsd.org, or what?
If any kind soul wants to tell me how
On Fri, Oct 14, 2005 at 04:31:36AM -0500, Josh Webb wrote:
I know I should send stuff about the man pages to hshoexer@, but is
that @openbsd.org, @cvs.openbsd.org, or what?
someone will correct me if this is the wrong way, but can
also do a sendbug(1) and submit your diff to the manpage
On Fri, 14 Oct 2005 04:34:54 -0600
jared r r spiegel [EMAIL PROTECTED] wrote:
(/etc/rc.local)
---
#the vpn!
if [ -p /var/run/isakmpd.fifo ]; then
echo -n 'adding VPN 192.168 routes:'
for VPNDEST in 192.168.23.0/25 192.168.23.128/25; {
/sbin/route add
I am attempting to set up a test VPN, using two OpenBSD 3.7 systems as
gateways, and two WinXP clients.
The addressing scheme is as follows
client1 - ip:192.168.1.2 default gateway:192.168.1.1
gateway1
le1 - 192.168.2.1
le2 - 192.168.1.1
gateway2
le1 - 192.168.2.2
le2 - 192.168.3.1
On Thu, Oct 13, 2005 at 10:36:27PM -0500, Josh Webb wrote:
from client1:
Reply from 192.168.1.1: Destination host unreachable.
from client2:
Reply from 192.168.3.1: Destination host unreachable.
I'm sure it's some detail I'm missing, but I'm stumped.
sudo sysctl -w
On Thu, Oct 13, 2005 at 10:36:27PM -0500, Josh Webb wrote:
I'm sure it's some detail I'm missing, but I'm stumped.
if it's not the sysctl, can gateway1 ping client2 || gateway2 ping client1 ?
or client1 ping 192.168.2.1 || client2 ping 192.168.2.2 ?
jared r r spiegel wrote:
On Thu, Oct 13, 2005 at 10:36:27PM -0500, Josh Webb wrote:
from client1:
Reply from 192.168.1.1: Destination host unreachable.
from client2:
Reply from 192.168.3.1: Destination host unreachable.
I'm sure it's some detail I'm missing, but I'm stumped.
sudo sysctl -w
if it's not the sysctl, can gateway1 ping client2 || gateway2 ping client1 ?
no
or client1 ping 192.168.2.1 || client2 ping 192.168.2.2 ?
yes
also, client1 can't ping 192.168.2.2 || client2 can't ping 192.168.2.1.
17 matches