Tema: Re: ipsec strongswan
Autorius: rabarbaras
Data: 2008-11-19 07:58:35
iptables?

lingus wrote:
> visÄ… dienÄ… prasiknisau, jau prarandu viltÄÆ  :(
> neina pingas ir vieno potinklio ÄÆ kitÄ…, gal žinot kurioj vietoj rankos
> kreivos? dÄ—koju. Jie reikia daugiau info mielai duosiu :)
> 
> kaunas-gw:~# ipsec up kaunas-vilnius
> initiating IKE_SA 'kaunas-vilnius' to 88.119.144.49
> IKE_SA 'kaunas-vilnius' state change: CREATED => CONNECTING
> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
> sending packet: from 88.119.128.22[500] to 88.119.144.49[500]
> received packet: from 88.119.144.49[500] to 88.119.128.22[500]
> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
> authentication of 'kaunas.webmedia.lt' (myself) with pre-shared key
> establishing CHILD_SA
> generating IKE_AUTH request 1 [ IDi IDr AUTH CP SA TSi TSr ]
> sending packet: from 88.119.128.22[500] to 88.119.144.49[500]
> received packet: from 88.119.144.49[500] to 88.119.128.22[500]
> parsed IKE_AUTH response 1 [ IDr AUTH SA TSi TSr N(AUTH_LFT) ]
> authentication of 'vilnius.webmedia.lt' with pre-shared key successful
> IKE_SA 'kaunas-vilnius' state change: CONNECTING => ESTABLISHED
> scheduling reauthentication in 10069s
> maximum IKE_SA lifetime 10609s
> IKE_SA 'kaunas-vilnius' established between
> 88.119.128.22[kaunas.webmedia.lt]...[vilnius.webmedia.lt]88.119.144.49
> installing new virtual IP 192.168.46.253
> CHILD_SA 'kaunas-vilnius' established successfully
> 
> kaunas-gw:~# ipsec route kaunas-vilnius
> routing CHILD_SA
> CHILD_SA routed
> 
> kaunas-gw:~# ipsec statusall
> Performance:
>   uptime: 51 seconds, since Nov 18 23:28:40 2008
>   worker threads: 10 idle of 16, job queue load: 0, scheduled events: 3
>   loaded plugins: ldap gmp random x509 pubkey hmac xcbc openssl stroke
> Listening IP addresses:
>   88.119.128.22
>   192.168.46.253
> Connections:
> kaunas-vilnius:
> 88.119.128.22[kaunas.webmedia.lt]...88.119.144.49[vilnius.webmedia.lt]
> kaunas-vilnius:    192.168.46.0/24 === 192.168.49.0/24
> Security Associations:
> kaunas-vilnius[1]: ESTABLISHED,
> 88.119.128.22[kaunas.webmedia.lt]...88.119.144.49[vilnius.webmedia.lt]
> kaunas-vilnius[1]: IKE SPIs: 3d185a1db0a88c7a_i* 6f950f9cafcb43c0_r,
> reauthentication in 2 hours
> kaunas-vilnius[1]: IKE proposal:
> AES_CBC-128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048_BIT
> kaunas-vilnius{1}:  INSTALLED, TUNNEL, ESP SPIs: cb2b6933_i cc741dda_o
> kaunas-vilnius{1}:  AES_CBC-128/HMAC_SHA1_96, rekeying in 46 minutes,
> last use: no_i no_o
> kaunas-vilnius{1}:   192.168.46.0/24 === 192.168.49.0/24
> kaunas-vilnius{2}:  ROUTED, TUNNEL
> kaunas-vilnius{2}:   192.168.46.0/24 === 192.168.49.0/24
> ipsec strongswan
+Q: teisių auditaskrx2008-11-20 11:17
-ipsec strongswanlingus2008-11-18 23:39
Re: ipsec strongswanrabarbaras2008-11-19 07:58
Re: ipsec strongswanlingus2008-11-19 13:25
Re: ipsec strongswanrabarbaras2008-11-19 13:54
Re: ipsec strongswanlingus2008-11-19 20:09
Re: ipsec strongswanlingus2008-11-19 21:15
+FreeBSD 5.1 RELEASE atnaujinimasIrmantas2008-11-18 17:21
+Klausimas dėl paštoAudrius R.2008-11-17 22:57
+centos problemamrxas2222008-11-17 15:58
+del squidsergeii2008-11-16 21:26
+Q: X Window ir Xorg - ar tai tas pats?Aras2008-11-16 09:04
+chown nepadedaunknown2008-11-15 23:58
+sshscript kiddie2008-11-14 18:00
+iptableslingus2008-11-14 10:20
+standartinis postfix ir routeris uz 100 lituMakauskas Vidas2008-11-13 10:52
+noretusi protingo komentaroEdvardas Butrimas2008-11-12 11:38
+Horde problemaniim2008-11-09 15:42
+ubuntu VirtualBox Sound problemGiedrius2008-11-07 19:17
+security klausimastobias2008-11-07 16:45
+OT: Intel Atom N270 CPU - dual ar single core?gk <Zyna@(sabaka)zyzni.net>2008-11-07 11:23
+Mailscanner rules: .exe in .zipcaro2008-11-07 08:49
+Trafiko monitorinimasGedikas2008-11-06 19:01
+linuxe virtuali masinabiagle2008-11-05 19:41
+ISPCONFIG upgradetobias2008-11-05 18:22
+procesas dd ?Marius K2008-11-04 22:10
+trukinejantis kaniekshynasabrozdelis2008-10-31 22:11
LUKS nulauzimasmrxas2222008-10-31 10:34
+gentooNerijus T2008-10-30 16:37
+reikia mazos pamokelesscript kiddie2008-10-29 08:32
+Gal kam reikia fibre channel hubo?Levas2008-10-28 20:34
+mysql40-server install errorIrmantas2008-10-27 17:12
Remote pajungimas UbuntuVaidasB2008-10-27 15:39
+kaip pakeisti MAC adresa?Diskai2008-10-23 00:24
+Diskless server?Mindaugas2008-10-21 21:58
+Kas naujo anti p2p fronte?Levas2008-10-21 21:18
+GPS Bluetooth linux'uiNo2008-10-21 10:22
+Ubuntu admino slaptazodis, ar lauzomasTuzas2008-10-20 20:08
+q: koki disko formatavima pasirinkt?Dovydas2008-10-20 13:05
samba AD+ACLssergeii2008-10-20 09:30
+sybase ase 11.0.3.3?Sashokas2008-10-16 16:18
+disku uzmoutininimasDovydas2008-10-12 22:10
+vmware ESXi 3.5 reikalavimaiarulis2008-10-11 11:16
+tcp/ip tinklo greicio kontrole<geras@gelbek.lt>2008-10-10 09:01
+BASH - stdout ar stderr?ard2008-10-09 15:00
+rsync windows->linuxlingus2008-10-08 09:18
+nesusipratimas su http uzklausanew.omnitel.net2008-10-07 12:44
+sambassh2008-10-07 10:41
+Q: Sambassh2008-10-07 10:36