To be fair its not highly sensitive info we are dealing with.
-----Original Message----- From: "Eero Volotinen" eero.volotinen@iki.fi Sent: 21/03/2016 17:51 To: "CentOS mailing list" centos@centos.org Subject: Re: [CentOS] IPSec multiple VPN setups
Err. Sounds like security nightmare. 21.3.2016 7.47 ip. "Glenn Pierce" glennpierce@gmail.com kirjoitti:
Will ask my boss :) We are hosted on memset so not so easy to update
Thanks
On 21 March 2016 at 17:36, Eero Volotinen eero.volotinen@iki.fi wrote:
Centos 5 is still soon end of life. Using it as ipsec gateway is ..
Eero 21.3.2016 7.25 ip. "Mike - st257" silvertip257@gmail.com kirjoitti:
On Mon, Mar 21, 2016 at 1:17 PM, Mike - st257 silvertip257@gmail.com wrote:
I second Eero's comment, use a new IPSec daemon.
Openswan was forked and became Libreswan. Paul, now a RH employee,
was a
main developer for the Openswan project before he and others created
the
Libreswan fork. https://libreswan.org/
EL6 has Openswan EL7 has Libreswan
Racoon isn't all that fun to work with. If you have the option, ditch it and EL5 and move to a newer platform (preferably EL7 with Libreswan).
There's an RPM spec file (though I've not used it) for building Openswan for EL5. https://github.com/xelerance/Openswan/tree/master/packaging/centos5
Additionally, here's some info but I advise against the Racoon IPSec daemon.
https://www.centos.org/docs/5/html/5.2/Deployment_Guide/sec-racoon-conf.html
On Mon, Mar 21, 2016 at 1:08 PM, Eero Volotinen <
eero.volotinen@iki.fi>
wrote:
Yes you can. Please use newer version of centos and strong/openswan.
Eero 21.3.2016 7.05 ip. "Glenn Pierce" glennpierce@gmail.com kirjoitti:
Hi I hope someone can answer something I'm sure is quite basic.
I am following the instructions at
https://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-vpn.html
On setting up a VPN
The part I am having trouble with is when it show the /etc/racoon/racoon.conf file. But it doesn't say whay you have to do with this file.
When I bring up my connection
ifup bicester
I get RTNETLINK answers: No such device
looking at /var/messages I see
ERROR: failed to bind to address 127.0.0.1[500] (Address already in
use).
Mar 21 17:01:05 racoon: ERROR: failed to bind to address
*.*.*.*[500]
(Address already in use). Mar 21 17:01:05 racoon: ERROR: failed to bind to address
*.*.*.*[500]
(Address already in use). Mar 21 17:01:05 racoon: ERROR: failed to bind to address
*.*.*.*[500]
(Address already in use). Mar 21 17:01:05 racoon: ERROR: failed to bind to address ::1[500] (Address already in use). Mar 21 17:01:05 racoon: INFO: fe80::bcef:4fff:fe66:82ec%eth0[500] used as isakmp port (fd=25)
There was an existing setup done long ago.
How can I setup more than one vpn connection (manually as this is a headless server) or is that not possible ?
Thanks for any pointers _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
-- ---~~.~~--- Mike // SilverTip257 //
-- ---~~.~~--- Mike // SilverTip257 // _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos