Help: ipsecadm usage ... and VPN setup using private networks

Post by Robert S. Sciu » Sat, 16 Oct 1999 04:00:00



I'm attempting to create a VPN between two RFC 1918 private address
networks.  One has a fixed IP address, the other is connected via a dialup
ISDN link and its IP address is dynamically assigned.  I've looked at the
mini-faq, the man pages etc., but it is not apparent how to create the
SA's and the flows for this to occur.

I have a reasonable way of sharing secrets between the two networks, but
are there any references on how to create the SA's and flows?? I see from
the ipsecadm man page that wildcard source or destination addresses are
allowed (0.0.0.0) -- is that what I should be doing??  Also, when the link
goes down, what do I do to delete/re-initiate the SA's and flows upon startup?

I can initiate things with the ipup script in the ppp utility, (also the ipdown)
so I can create/delete things from a script.  I securely can tell the fixed
address what my dynamic IP address is, and also what the encryption keys are
(a C program), and can programmatically create/destroy the SA's and routes, but
I need specific assistance, as I've never done this aspect before -- HELP!

Any assistance is deeply appreciated:

  192.168.1.0 --- <dyn IP> --- ( internet ) --- <fixed IP> --- 192.168.2.0

Cheers,
Rob.

 
 
 

1. private network -VPN-private network routing

I have set up a VPN with an SSH tunnel with the following topology
192.168.0.7
    |
------------------------
|192.168.0.1(PRIVATE)   |
|a.a.a.a(PUBLIC CLASS c)|____
------------------------    |
                            |
                        -----------------
                        | 192.168.253.2 |
                        |  ssh-ppp-vpn  |
                        |               |
                        | 192.168.253.3 |
                        -----------------
                            |
------------------------    |
B.B.B.B(public CLASS C)|____|
10.240.2.11(CLASS C)   |
------------------------
    |
    |
------------------------
10.240.2.2             |
------------------------

I have set the routing up such that I can ping every ip address on the
A  and B internet(public) machines and the ppp tunnel. But if I am on
either machine 10.240.2.2 or 192.168.0.7, I cannot ping from public to
opposite private or from private to private.  I have enabled IP
forwarding on both boxes.  Machine A is Red Hat 6.2, machine B is Red Hat
7, if that matters.  Anybody have any idea what I should check to
enable private network to private network communication?

Todd
--
--------------------------------------------------
Todd Gruben
Daring Technologies
Austin Tx

