any examples of IPsec working against PGPnet ?

Post by Patrick Wetmor » Mon, 24 Jul 2000 04:00:00



Hi all,

I'm trying to connect to my OpenBSD machine via IPsec from an NT client.
I'm trying to use PGPnet, but the two systems refuse to talk to each other.

Does anybody have any working configuration/policy files (minus any
authentication info, of course) they could share?

Thanks,

- pat

 
 
 

Post by Nic » Mon, 24 Jul 2000 04:00:00



> I'm trying to connect to my OpenBSD machine via IPsec from an NT client.
> I'm trying to use PGPnet, but the two systems refuse to talk to each other.

I had roughly this working a while ago - Win95 + PGPnet -> OpenBSD 2.6

> Does anybody have any working configuration/policy files (minus any
> authentication info, of course) they could share?

http://www.wibble.net/~sky/isakmpd.conf
http://www.wibble.ent/~sky/isakmpd.policy

All identifying marks have been removed to protect the guilty :-)

HOSTONE was the PGPnet machine (also worked with Linux FreeS/WAN),
HOSTTWO was the OpenBSD machine. I don't know if these still work ok for
2.7, but it should give you a base to work from.

HTH,
        Nic.

--
My non-official mailbox: < sky at wibble dot net >
Internet Software & Security Consulting - http://www.bellamy.co.nz/

 
 
 

Post by pe.. » Mon, 24 Jul 2000 04:00:00



> Hi all,

Have a look at www.allard.nu, it's where I learned "how to"
It describes pgp-net + openbsd + preshared-keys for auth.

I still have to manage using with certificates, as I understand it
might be possible in 2.7

> I'm trying to connect to my OpenBSD machine via IPsec from an NT client.
> I'm trying to use PGPnet, but the two systems refuse to talk to each other.
> Does anybody have any working configuration/policy files (minus any
> authentication info, of course) they could share?
> Thanks,
> - pat

--
Peter Håkanson
        IPSec  Sverige      (At the Riverside of Gothenburg, home of Volvo)
           Sorry about my e-mail address, but i'm trying to keep spam out.
           Remove "icke-reklam" and it works.
 
 
 

Post by Patrick Wetmor » Tue, 25 Jul 2000 04:00:00


Hi Peter,

Thanks, that one worked!

However, it seems to be working without my having created any certificate
information on the OpenBSD host...

I checked the connection via tcpdump, it's encrypted.  But is it securely
encrypted, or does the lack of certificates on the OpenBSD side open it up?

PGPnet created some keys as a prerequisite for starting up PGPnet, maybe
those are being used?

- pat


> Have a look at www.allard.nu, it's where I learned "how to"
> It describes pgp-net + openbsd + preshared-keys for auth.

> I still have to manage using with certificates, as I understand it
> might be possible in 2.7

 
 
 

Post by Patrick Wetmor » Tue, 25 Jul 2000 04:00:00


Never mind, I think I get it.  It's not using certificates at all, it's the
secret passphrase... the fact certificates were mentioned in the .conf file
is irrelevant.

- pat


> Hi Peter,

> Thanks, that one worked!

> However, it seems to be working without my having created any certificate
> information on the OpenBSD host...

> I checked the connection via tcpdump, it's encrypted.  But is it securely
> encrypted, or does the lack of certificates on the OpenBSD side open it up?

> PGPnet created some keys as a prerequisite for starting up PGPnet, maybe
> those are being used?

> - pat



> > Have a look at www.allard.nu, it's where I learned "how to"
> > It describes pgp-net + openbsd + preshared-keys for auth.

> > I still have to manage using with certificates, as I understand it
> > might be possible in 2.7

 
 
 

Post by pe.. » Tue, 25 Jul 2000 04:00:00



> Hi Peter,
> Thanks, that one worked!
> However, it seems to be working without my having created any certificate
> information on the OpenBSD host...

Johan Allard's webpage describes authentication with PRE-SHARED keys.

No certificates used.

However, one ought to replace preshared-keys with certificates. Some days
ago I only needed the 2.7 CD to test, but now I have to get myself a new laptop
too (mine was stolen yesterday :-( )

I'll drop a note here if and when I succeed with pgp-net and certificate auth.
Peter h

> I checked the connection via tcpdump, it's encrypted.  But is it securely
> encrypted, or does the lack of certificates on the OpenBSD side open it up?
> PGPnet created some keys as a prerequisite for starting up PGPnet, maybe
> those are being used?
> - pat


>> Have a look at www.allard.nu, it's where I learned "how to"
>> It describes pgp-net + openbsd + preshared-keys for auth.

>> I still have to manage using with certificates, as I understand it
>> might be possible in 2.7

--
Peter Håkanson
        IPSec  Sverige      (At the Riverside of Gothenburg, home of Volvo)
           Sorry about my e-mail address, but i'm trying to keep spam out.
           Remove "icke-reklam" and it works.
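
The conclusion reached in the thread above (the tunnel authenticates with the shared passphrase, and certificate settings present in the .conf file play no part) can be checked by resolving which authentication method each Phase 1 peer's transforms name. This is an added example, not part of the thread or of the configuration files linked in it; the sample config, its address and passphrase are constructed, and it assumes an isakmpd.conf in which every transform section states AUTHENTICATION_METHOD explicitly.

```python
import configparser

# Constructed sample in isakmpd.conf layout; the address and passphrase
# are placeholders, not values taken from the thread.
SAMPLE_CONF = """
[Phase 1]
192.0.2.10=             HOSTONE

[HOSTONE]
Phase=                  1
Address=                192.0.2.10
Configuration=          Default-main-mode
Authentication=         example-passphrase

[Default-main-mode]
EXCHANGE_TYPE=          ID_PROT
Transforms=             3DES-SHA

[3DES-SHA]
ENCRYPTION_ALGORITHM=   3DES_CBC
AUTHENTICATION_METHOD=  PRE_SHARED

[X509-certificates]
CA-directory=           /etc/isakmpd/ca/
"""

def phase1_auth_methods(conf_text):
    """Map each Phase 1 peer to the authentication methods its transforms name."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.optionxform = str  # keep option names case-sensitive
    cp.read_string(conf_text)
    result = {}
    for peer in cp["Phase 1"].values():
        main_mode = cp[peer]["Configuration"]
        transforms = cp[main_mode]["Transforms"].split(",")
        methods = {cp[t.strip()]["AUTHENTICATION_METHOD"] for t in transforms}
        result[peer] = {"methods": sorted(methods),
                        "has_passphrase": "Authentication" in cp[peer]}
    return result

def non_psk_auth_offered(conf_text):
    """True only if some peer offers a transform that is not PRE_SHARED."""
    return any(m != "PRE_SHARED"
               for info in phase1_auth_methods(conf_text).values()
               for m in info["methods"])

if __name__ == "__main__":
    print(phase1_auth_methods(SAMPLE_CONF), non_psk_auth_offered(SAMPLE_CONF))
```

In the sample, the `[X509-certificates]` section is present but no transform refers to a certificate-based method, so the peer authenticates with the passphrase alone.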
 
 
 
