Glenn Pierce wrote:
To be fair its not highly sensitive info we are dealing with.
That doesn't matter. Do you drive a car that's leaking oil, and the engine check light has been on for months, and just put gas in, and not worry about adding more oil, or going to a mechanic?
mark
-----Original Message----- From: "Eero Volotinen" eero.volotinen@iki.fi Sent: 21/03/2016 17:51 To: "CentOS mailing list" centos@centos.org Subject: Re: [CentOS] IPSec multiple VPN setups
Err. Sounds like security nightmare. 21.3.2016 7.47 ip. "Glenn Pierce" glennpierce@gmail.com kirjoitti:
Will ask my boss :) We are hosted on memset so not so easy to update
Thanks
On 21 March 2016 at 17:36, Eero Volotinen eero.volotinen@iki.fi wrote:
Centos 5 is still soon end of life. Using it as ipsec gateway is ..
Eero 21.3.2016 7.25 ip. "Mike - st257" silvertip257@gmail.com kirjoitti:
On Mon, Mar 21, 2016 at 1:17 PM, Mike - st257
wrote:
I second Eero's comment, use a new IPSec daemon.
Openswan was forked and became Libreswan. Paul, now a RH employee,
was a
main developer for the Openswan project before he and others
created the
Libreswan fork. https://libreswan.org/
EL6 has Openswan EL7 has Libreswan
Racoon isn't all that fun to work with. If you have the option, ditch it and EL5 and move to a newer
platform
(preferably EL7 with Libreswan).
There's an RPM spec file (though I've not used it) for building
Openswan
for EL5. https://github.com/xelerance/Openswan/tree/master/packaging/centos5
Additionally, here's some info but I advise against the Racoon IPSec daemon.
https://www.centos.org/docs/5/html/5.2/Deployment_Guide/sec-racoon-conf.html
On Mon, Mar 21, 2016 at 1:08 PM, Eero Volotinen <
eero.volotinen@iki.fi>
wrote:
Yes you can. Please use newer version of centos and
strong/openswan.
Eero 21.3.2016 7.05 ip. "Glenn Pierce" glennpierce@gmail.com
kirjoitti:
> Hi I hope someone can answer something I'm sure is quite basic. > > I am following the instructions at >
https://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-vpn.html
> On setting up a VPN > > The part I am having trouble with is when it show the > /etc/racoon/racoon.conf file. > But it doesn't say whay you have to do with this file. > > When I bring up my connection > > ifup bicester > > I get > RTNETLINK answers: No such device > > looking at /var/messages I see > > ERROR: failed to bind to address 127.0.0.1[500] (Address already
in
use). > Mar 21 17:01:05 racoon: ERROR: failed to bind to address
*.*.*.*[500]
> (Address already in use). > Mar 21 17:01:05 racoon: ERROR: failed to bind to address
*.*.*.*[500]
> (Address already in use). > Mar 21 17:01:05 racoon: ERROR: failed to bind to address
*.*.*.*[500]
> (Address already in use). > Mar 21 17:01:05 racoon: ERROR: failed to bind to address
::1[500]
> (Address already in use). > Mar 21 17:01:05 racoon: INFO:
fe80::bcef:4fff:fe66:82ec%eth0[500]
> used as isakmp port (fd=25) > > There was an existing setup done long ago. > > How can I setup more than one vpn connection (manually as this
is a
> headless server) > or is that not possible ? > > Thanks for any pointers > _______________________________________________ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
-- ---~~.~~--- Mike // SilverTip257 //
-- ---~~.~~--- Mike // SilverTip257 // _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos