==
Andreas Steffen [EMAIL PROTECTED]
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
-- 63.80.235.205 == 0.0.0.0/0
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
--
==
Andreas Steffen [EMAIL
==
Andreas Steffen [EMAIL PROTECTED]
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
that SPIs for the
outgoing packets could be same but those for incoming packets must be
unique. Why?
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
DATA
COMMAND
31484 root 20 0 163m 1940 1344 S 0.0 0.1 0:03.22
236160m charon
Regards,
Leonid.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN
wrote:
Configuring that number (# of threads) less 6, brakes strongSwan, it stops
working.
Help needed with some explanation.
Thanks,
Leonid.
==
Andreas Steffen andreas.stef...@strongswan.org
.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
is there no informational send all 10 seconds. I have no other traffic
send through the tunnel.
Regards
Peter
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
?
Thanks!
Nicole
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University
tell exactly where the failure occurs.
Thanks in advance
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet
using
rightsourceip= in the ipsec.conf file of the VPN gateway. There
is no pool functionality available.
How can I define an individual IP in the ipsec.conf in the vpn-gateway.
I see only the option to give one IP with rightsourceip=
Regards
Tobias
Quoting Andreas Steffen andreas.stef
with rekeyfuzz?
so does the tunnel like CHILD_SA rekeying without a break?
Regards
Tobias
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
and installed strongSwan 4.2 branch:
IKEv1 IKEv2 for Linux 2.6 kernels but I don't know how to use the
daemon. Which commands should I use? Is there any manual that I can follow?
Best regards.
Antonio
==
Andreas Steffen
wrote:
When I configure SP and SA manually for an outgoing packet, must the
source IP in SA be the sender (local host)'s IP? Will strongSwan or
native IPsec module check the consistence?
Thanks
==
Andreas Steffen
after timeout
Nokia Policy was created by a new Tool as IKEv2. I'v tried to create
policy with and without advanced settings, but noting works for me.
How did you create a policy on you tests?
Regards,
Dimitrij
Andreas Steffen schrieb:
Hi Dimitrij,
in order to help you we'd need
in the NetworkManager HOWTO:
http://wiki.strongswan.org/wiki/NetworkManager
We hope that NetworkManager-strongswan will quickly become an
official package in all major Linux distributions.
Best regards
the strongSwan team: Tobias Brunner, Martin Willi, Andreas Steffen
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences
=is...@gmail.com'
generating authentication data failed
plz let me know where the mistake might be..
thanx in advance..
with regard
Abhishek Kumar
==
Andreas Steffen andreas.stef...@strongswan.org
to further troubleshoot and get around this issue...
Thanks,
Richard.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute
sense?
Kind regards,
Gerd
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
release. Thank you very much.
Kind regards,
Gerd
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies
-modp1024
esp=aes-sha1
# Disable Perfect Forward Secrecy, if not working proper
pfs=no
# Optional enable compression (if working)
#compress=yes
==
Andreas Steffen
on
production systems instead, at least until the release of 4.3.1.
Best regards
Martin WilliAndreas Steffen
IKEv2 Software ArchitectstrongSwan Project Leader
==
Andreas Steffen andreas.stef
it configured by default. Anyway, Is there a
way I can configure it in strongswan manually?
Thanks.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
to redefine connection to_dut1
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
Système
ZA Les Playes - Jean Monnet Sud
Avenue de Lisbonne
83500 La Seyne sur Mer
E-mail : cont...@olympecti.fr
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
Lisbonne
83500 La Seyne sur Mer
E-mail : cont...@olympecti.fr
- Mail Original -
De: Andreas Steffen andreas.stef...@strongswan.org
À: Reza ISSANY issa...@olympecti.fr
Cc: users users@lists.strongswan.org
Envoyé: Vendredi 1 Mai 2009 18h36:15 GMT +01:00 Amsterdam / Berlin /
Berne
list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
--
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
not found
This one appears to be more cryptic. There's no /usr/include/vstr.h
file other than the standard string.h and strings.h files.
Any ideas? This is for an OpenBSD 4.4 host.
Thanks,
==
Andreas Steffen
post it.
Your help is highly appreciated.
Thanks
Tilak
*--
tilak
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute
it.
Your help is highly appreciated.
Thanks
Tilak
*--
tilak
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute
considered?
Thanks in advance,
Jaime
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies
gracefully terminate it(e.g sending
delete or any other ipsec * commands)
Thanks and Regards
Arnab
On Wed, Jun 3, 2009 at 6:37 PM, Andreas Steffen
andreas.stef...@strongswan.org mailto:andreas.stef...@strongswan.org
wrote:
I just checked how the misconfiguration is treated
to the strongSwan community. So if you are
interested in visiting LinuxTag, just drop me an email and I'm going
to send you an invitation for an eTicket which you must fetch within
48 hours by clicking on the link and downloading the eTicket.
See you in Berlin!
Andreas Steffen, Tobias Brunner
of ISAKMP Notification Payload has an
unknown value: 40501
003 test #1: malformed payload in packet
Thanks,
Rod
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
) it sends with IKE_AUTH reply?
Basically, i want to disable the repeated authentication in strongswan. Is
it possible?
Thanks in advance.
Regards,
...Balaji.J
==
Andreas Steffen andreas.stef
was sent from Vista to Pluto,
but it was fai
led after some Main mode messages.
It was the error of calculations Hash value.
Does someone know how to complete this?
Best regards,
Shen Wu
==
Andreas Steffen
, type:
./configure --prefix=/usr --sysconfdir=/etc ...other options
Best regards
Andreas Steffen
Andreas Steffen wrote:
Hello Paul,
it looks as if libstrongswan was either not built or the path to
the library was not found. By default libstrongswan gets installed
in the /usr/local/lib
Yes, the current option is --enable-curl. For a list of all available
options, see
http://wiki.strongswan.org/wiki/strongswan/Autoconf
Best regards
Andreas Steffen
Paul Hoffman wrote:
# ./configure --enable-http
configure: WARNING: unrecognized options: --enable-http
checking for a BSD
in -lcrypto... no
configure: error: OpenSSL crypto library not found
Any help would be appreciated.
--Paul Hoffman, Director
--VPN Consortium
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan
:
- 3DES-192 CBC
- AES-128-CBC
- HMAC-SHA1-96
Would appreciate your help in this regard.
Thanks.
Best Regards
Sajal
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan
?
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640
cause.
Best regards
Andreas
Wolfram Schlich wrote:
* Andreas Steffen andreas.stef...@strongswan.org [2009-07-10 18:44]:
Hi Wolfram,
Hey Andreas!
have you enabled NAT-Traversal in ipsec.conf with the statement
config setup
nat_traversal=yes
since the source port of the IKE message
Wolfram Schlich wrote:
Hi Andreas!
* Andreas Steffen andreas.stef...@strongswan.org [2009-07-13 13:08]:
The iPhone client does not like the XAUTH request:
12:11:05 pluto[23959]: | starting XAUTH server
12:11:05 pluto[23959]: iphone[3] CLIENT-IP:11044 #3:
sending
contains
the IP addresses of the VPN gateways.
Thank you
Best regards
Andreas
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
=no, this would essentially disable the SA activity
portion of the liveness check. Is that correct? If so, this makes me
wonder why policy use_time is used rather than SA use_time?
Thanks,
Stephen
-Original Message-
From: Andreas Steffen [mailto:andreas.stef...@strongswan.org]
Sent
make it by configuring ipsec.conf?
Thanks
Jianqing
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640
/
Best regards
Andreas Steffen Martin Willi
strongSwan Project LeaderIKEv2 Software Architect
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
Regards,
Vivek
Regards
Andreas
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
?
3. Encryption algorithm can be changed for an IKE SA?
It would be great help if you could answer the above queries.
Thanks Regards,
Vivek
On 7/27/09, Andreas Steffen andreas.stef...@strongswan.org wrote:
Hi Vivek,
vivek bairathi wrote:
Hi all,
I have a requirement for creating
in the SPD, having a certain reqid).
Is this a correct interpretation?
Thanks,
Stephen
-Original Message-
From: Andreas Steffen [mailto:andreas.stef...@strongswan.org]
Sent: Wednesday, July 22, 2009 7:20 AM
To: Stephen Pisano
Cc: users@lists.strongswan.org
Subject: Re
robovpntest
leftsubnet=192.168.23.0/24
right=217.11.60.3
rightsubnet=10.89.0.0/24
rightcert=public_okawango.tuxgreen.de.pem
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux
:
Hi,
Does anyone know if strongswan support DSCP Marking?
If the answer is Yes, can we configure it? (enable or disable DSCP)
BR,
Iris
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
wrote:
Hi Andreas,
thanks for your help, but the problem still exists in V4.3.4rc1. I am
currently using
kernel V2.6.27.28.
i will try out the V4.3.3 with the patch ...
kind regards,
Michael
Am Dienstag, 28. Juli 2009 16:00 schrieb Andreas Steffen:
Hi Michael,
due
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
when we might see this feature in Strongswan?
Regards,
Juha
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute
of keyexchange parameter in ipsec.conf. Strongswan version
is 4.3.3. Any idea what could be the reason for this?
Regards,
Juha
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
working group
does not seem to have done anything in years. Why? Is the
specification/design work done somewhere else now?
Regards,
Juha
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan
!
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
are these for?
2. For charon and other binary executables, are these needed? (I assume
not but just wanted to make sure)
Thank You!
-Yong Choo
==
Andreas Steffen andreas.stef...@strongswan.org
://wiki.strongswan.org/repositories/revision/strongswan/fc0ed07c1f44d56ac9a5353c23e4cd79ee2594dd.
Regards,
Dimitrios Siganos
Andreas Steffen wrote:
Hi Dimitrios,
yes, you are right. A recent refactoring of the RDN synthesis function
introduced a wrong emailAddress OID (there are at least
of controlling anti-replay window size although I
understand that strongswan supports it.
I reviewed the man page of ipsec.conf but there is no mention of it.
==
Andreas Steffen andreas.stef...@strongswan.org
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
!
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
--
==
Andreas Steffen andreas.stef...@strongswan.org
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640
simulate one gateway by setting the secondary ip address of
linux pc? If it is feasible, and then how?
Best Regards,
David
===
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN
.
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
:d5:7a:50:ee:c8:db:e5:a2:02:b4:54:5e:19:29:24:d4:23:7a:a9
subjkey: 07:1f:03:c2:e4:c7:34:3c:2c:86:19:90:02:ea:d8:f2:40:24:12:c3
authkey: 83:1f:bb:b7:c2:21:13:9c:8b:c2:6d:b6:4c:e6:98:cd:bb:9a:3b:2a
Thank you.
==
Andreas
minutes.
Any ideas?
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
a solution also?
Thanks Regards,
Vivek
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies
(XAUTH+PSK) running with iphone.
Thanks,
Alok
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies
)
What might be wrong?
Best regards,
Bjarke I. Pedersen
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
!
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland
and how can I solve it ?
Many thanks!
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies
: add null-sha1-modp1024 and null-null to the default list
of proposals to be negotiated?
How do I know what the default list proposal list is?
Regards,
Dimitrios Siganos
==
Andreas Steffen
file so that my application can read it. Curious
why it is not called. Is it related with preshared key?
Thanks, Roger
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
Andreas
sunil kumar wrote:
Hi,
I am looking for Vendor ID string for NAT-T-6 and NAT-T-7.
It will be helpful, if i get all vendor id strings used in ISKMP.
Thanks in advance.
Regards,
Sunilkumar
==
Andreas Steffen
.
Is this the correct approach ?
Thanks,
Bhavesh Bhanushali
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet
.
David
Regards
Andreas
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
.
David
Regards
Andreas
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
and peer
side?
Best Regards,
David
-邮件原件-
发件人: Andreas Steffen [mailto:andreas.stef...@strongswan.org]
发送时间: 2009年9月24日 15:03
收件人: weiping deng
抄送: 'Martin Willi'; users@lists.strongswan.org
主题: Re: Some Question about the configuration payload
weiping deng wrote:
Hi Both,
Excuse
and password is taken from
the radius server)?
Thanks,
Peter
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet
to generate key encryption, cookies,... Is
it true?
Can you give me more details about it?
Many thanks!
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences
: Andreas Steffen [mailto:andreas.stef...@strongswan.org]
发送时间: 2009年9月28日 14:53
收件人: weiping deng
抄送: mar...@strongswan.org; users@lists.strongswan.org
主题: [SPAM] Re: issue about the route
Hi David,
- have you enabled IP forwarding on gateway moon?
echo 1 /proc/sys/net/ipv4/ip_forward
there are
license/legal issues. Check
http://wiki.strongswan.org/wiki/strongswan/Autoconf
for
--enable-cisco-quirks
-Daniel
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux
. ^___^
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil
}
--- *09/9/30 (三),Andreas Steffen /andreas.stef...@strongswan.org/*
寫道:
寄件者: Andreas Steffen andreas.stef...@strongswan.org
主旨: Re: [strongSwan] ip xfrm state / ip xfrm policy
收件者: Jessie Liu iamnotjes...@yahoo.com.tw
副本: users@lists.strongswan.org
日期: 2009年9月30日
.
How to avoided this?
And I found that /usr/libexec/ipsec/stroke in 4.3.2 is an executable file and
in 4.3.4 it is a script ??
Thanks ^___^
==
Andreas Steffen andreas.stef...@strongswan.org
as in
'setkey' in racoon?
Thanks,
-Yong Cho
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Linux VPN Solution!www.strongswan.org
Institute for Internet Technologies
1 - 100 of 946 matches
Mail list logo