IPSEC site-to-site Openswan to Cisco ASA

view story

http://serverfault.com – I recieved a list of commands that were run on the right side of the VPN tunnel which is where the Cisco ASA resides. On my side, I have a linux based firewall running debian with openswan installed. I am having an issue with getting to Phase 2 of the VPN negotiation. Here is the Cisco Information I was sent: {my_public_ip} = left side of connection tunnel-group {my_public_ip} type ipsec-l2l tunnel-group {my_public_ip} ipsec-attributes pre-shared-key fakefake crypto map vpn1 1 match add customer-ipsec crypto map vpn1 1 set peer {my_public_ip} crypto map vpn1 1 set transform-set aes-256- (HowTos)

Submitted by xskl on 10/19/2012

Login or register to post comments
Email this page

Stories similar to IPSEC site-to-site Openswan to Cisco ASA

OpenSwan issues 3 years 43 weeks ago

I'm trying to perform a VPN lan to lan IPSEC connection. By my side, I have a server with 2 IP's, i.j.k.l (destined to act as a VPN gateway) and i.j.k.m (the server). I am a newbie. I don't know if this configuration is normal, but it's forced by our partner.

My configuration is:

OS: Fedora release 7 (Moonshine)

Site2Site tunnel via SSL VPN? 18 weeks 5 days ago

i have tried convincing my opposite office of the tunnel in question to get site-2-site ipsec up and running.

However they are not really into that and run everything via SSL VPN..

Is it possible to create a site to site tunnel via SSL VPN?

How i would setup the ipsec on our Cisco ASA 5505

local net 192.168.0.0/18 remote net 10.50.0.0/18 IKE proposal pre-share-3des-sha, pre-share-aes-256-sha I

Openswan ipsec transport tunnel not going up 32 weeks 4 days ago

On ClusterA and B I have installed the "openswan" package on Debian Squeeze.

ClusterA ip is 172.16.0.107, B is 172.16.0.108

When they ping one another, it does not reach the destination.

/etc/ipsec.conf:

version 2.0 # conforms to second version of ipsec.conf specification

config setup protostack=netkey oe=off

conn L2TP-PSK-CLUSTER type=transport left=172.1

NETKEY IPsec and ARP 1 year 8 weeks ago

I'm wondering if I have the correct routing setup for an IPsec tunnel. I have control over the IPsec endpoints and the hosts connected to one side. These hosts are connecting to the tunnel so that they have access to the network on the other side of what I will call the IPsec server.

How to delete IPSEC VPN tunnel from Fortigate 60 25 weeks 1 day ago

I have had a IPSEC connection setup between two firewalls. Now I want to remove the tunnel in my firewall, a "Fortigate 60".

There are two phases, "Phase 1" and "Phase 2" for each IPSEC connection. I can delete the "Phase 2" entry by clicking the trashcan icon (in the web interface), but there is not such icon for "Phase 1".

Packets go out one tunnel, come back another, then are dropped 2 years 24 weeks ago

Ive run into a of a routing issue pertaining to packets leaving a firewall, traversing and IPSec tunnel, hitting the target and then returning via a different tunnel, finally arriving back on the source firewall but on a different interface from where it started. Once the packet has returned to the firewall it is dropped Ive been unable to discover the reason for the drop.

Problems with ipsec betwen Cisco ASA 5505 and Juniper ssg5 1 year 8 weeks ago

I am trying to set up an ipsec tunnel between our ASA 5505 and a Juniper ssg5. The tunnel is up and running, but I cannot get any data through it.

The local network I am on is 172.16.1.0 and the remote is 192.168.70.0. But I cannot ping anything on their netowork. I receive a "Phase 2 OK" when I set up the ipsec.

I think this is the part of the config that is applicable.

IPsec site-to-site tunnel config 7 weeks 2 days ago

I'm completely lost as to how to why this doesn't work. I can't ping, much less reach resources on the other side.

Centos 6.3 OpenSWAN doesn't find my connection 31 weeks 1 day ago

I've been tearing my hair off in frustration for too long and decided Serverfault might be able to help.