[strongSwan] Cipher Suite proposals changed in the course of 5.6.0 to 5.6.2

2018-03-18 Thread Dr. Rolf Jansen
I am still using an iPhone 4 with iOS 7.1.2 which cannot be updated to a more recent iOS. When I am on travel, I use the builtin L2TP/IPsec client in order to connect to my FreeBSD home server providing the respective VPN service via net/mpd5 + security/strongswan (both of which are installed f

Re: [strongSwan] Cipher Suite proposals changed in the course of 5.6.0 to 5.6.2

2018-03-18 Thread Dr. Rolf Jansen
insecure and now there's an RFC for > that. Take a look at the UsableExamples page. > > Kind regards > > Noel > > On 18.03.2018 23:48, Dr. Rolf Jansen wrote: >> I am still using an iPhone 4 with iOS 7.1.2 which cannot be updated to a >> more recent iOS. &

[strongSwan] Issues with maintaining IKEv2 tunnels

2022-08-17 Thread Dr. Rolf Jansen
Hello, The IKEv2 tunnels are established between device controllers in a remote pilot plant in Spain, which is connected to the internet by a G4 mobile router, and an AWS-EC2 instance in Frankfurt. On both sides strongSwan v5.9.6 is installed and the OS is FreeBSD 13.0-RELEASE. Both sides are b

Re: [strongSwan] Issues with maintaining IKEv2 tunnels

2022-08-17 Thread Dr. Rolf Jansen
ys4.de>>: > > On 17.08.22 14:50, Dr. Rolf Jansen wrote: >> Hello, >> >> The IKEv2 tunnels are established between device controllers in a remote >> pilot plant in Spain, which is connected to the internet by a G4 mobile >> router, and an AWS-EC2 instance in F

Re: [strongSwan] Issues with maintaining IKEv2 tunnels

2022-08-17 Thread Dr. Rolf Jansen
> On 17.08.2022 at 10:45, Michael Schwartzkopff wrote: > > On 17.08.22 15:35, Dr. Rolf Jansen wrote: >> I know what DPD is. Years ago, I used it with the old racoon of the >> ipsec-tools then with IKEv1, and in racoon.conf I set the dpd_delay and let >> it after dpd

Re: [strongSwan] Issues with maintaining IKEv2 tunnels

2022-08-17 Thread Dr. Rolf Jansen
> On 17.08.2022 at 10:41, > noel.kuntze+strongswan-users-ml@thermi.consulting wrote: > > Hi all, > > Dpd and nat keepalive only work on IKE layer, not on the CHILD_SAs that you > want. I didn’t tell in my first post, that I checked the SA dumps on both sides of a nonworking tunnel using „set

Re: [strongSwan] Issues with maintaining IKEv2 tunnels

2022-08-17 Thread Dr. Rolf Jansen
> On 17.08.2022 at 12:11, > noel.kuntze+strongswan-users-ml@thermi.consulting wrote: > > Hi all, > > Regarding traps: > All supported OS can do that. It's not special. > Auto=start does not install these traps. > If the tunnel is terminated you will not have any policies. Not even traps. > The

[strongSwan] How many concurrent connections can charon handle reliably?

2022-08-22 Thread Dr. Rolf Jansen
I am not 100 % sure yet, however the impression is, not more than 1. FreeBSD 13.1-RELEASE strongSwan 5.9.6 As soon as there are more than 1 connections having different virtual peer addresses connected to the same local address, the system suffers connection losses. From charon's point of view,

Re: [strongSwan] How many concurrent connections can charon handle reliably?

2022-08-22 Thread Dr. Rolf Jansen
> I propose you investigate in detail and create some logs and so on. >> The configs tell basically nothing relevant about what happens in your real >> life scenario. >> >> Kind regards >> Noel >> >> On 22.08.22 16:19, Dr. Rolf Jansen wrote: >

Re: [strongSwan] How many concurrent connections can charon handle reliably?

2022-08-22 Thread Dr. Rolf Jansen
and so on. > The configs tell basically nothing relevant about what happens in your real > life scenario. > > Kind regards > Noel > > On 22.08.22 16:19, Dr. Rolf Jansen wrote: >> I am not 100 % sure yet, however the impression is, not more than 1. >> FreeBSD 13.1-R

[strongSwan] L2TP/IPsec on FreeBSD 10 and a Windows 7 Client behind NAT

2014-09-17 Thread Dr. Rolf Jansen
The server is running FreeBSD 10-RELEASE-p9 with IPsec/NATT enabled in the Kernel. I installed strongSwan 5.2.0 from the FreeBSD Ports tree. The ipsec.conf is: conn L2TP leftauth = psk rightauth = psk left = 11.11.11.11 right = %any auto = add The strongswan.conf is: c

Re: [strongSwan] L2TP/IPsec on FreeBSD 10 and a Windows 7 Client behind NAT

2014-09-19 Thread Dr. Rolf Jansen
Many thanks for your kind reply! On 19.09.2014 at 05:41, Martin Willi wrote: > On 17.09.2014 at 22:39, Dr. Rolf Jansen wrote: > >> I can connect to this L2TP/IPsec setup using Mac OS X 10.6 to 10.9, >> and iOS 7 clients sitting behind a NAT. A Windows 7 client from behi

Re: [strongSwan] Get working Win7 roadwarriors accross psk or ipsec-cert or ikev2-cert with Strongswan ! Is it possibe ?

2014-09-27 Thread Dr. Rolf Jansen
On 27.09.2014 at 15:12, CpServiceSPb . wrote: > Can somebody give step by step instruction and/or working Ca, Server & Client > certificate with testing data as working example that Win 7 could work > across psk/ikev1/ikev2 ? I am running strongSwan 5.2.0 on a FreeBSD machine, and I also ha

[strongSwan] Question on IKEv2 + farp example

2014-10-12 Thread Dr. Rolf Jansen
I am referring to the example setup given at http://www.strongswan.org/uml/testresults/ikev2/farp/index.html. My question is, whether carol and dave do have access to the web server winnetou from within the internal network by the way of a NAT'ing moon? Best regards Rolf

Re: [strongSwan] Question on IKEv2 + farp example

2014-11-03 Thread Dr. Rolf Jansen
to packets that aren't > handled by ipsec and only going to the WAN. > I think it should work alright from the peer's viewpoint, if the firewall on > the gateway is set up correctly. > > On 12.10.2014 at 16:34, Dr. Rolf Jansen wrote: > >> I am referring to the

[strongSwan] received 250000000 lifebytes, configured 0

2014-11-03 Thread Dr. Rolf Jansen
During connection attempts of a Windows 7 client by IKEv1 in transport mode, I see the following: ... [NET] received packet: from Y.Y.Y.Y[4500] to X.X.X.X[4500] (284 bytes) [ENC] parsed QUICK_MODE request 1 [ HASH SA No ID ID NAT-OA NAT-OA ] [IKE] received 25000 lifebytes, configured 0 [

Re: [strongSwan] received 250000000 lifebytes, configured 0

2014-11-04 Thread Dr. Rolf Jansen
On 04.11.2014 at 06:51, Martin Willi wrote: >> During connection attempts of a Windows 7 client by IKEv1 in transport mode, >> I see the following: > >> [IKE] received 25000 lifebytes, configured 0 > > These lifebytes refer to the number of bytes the peer allows over this > Quick Mode be