
Setting up an OpenBSD vpn

20 years 3 months ago #5303 by c0lin
I've tried to make a VPN between 2 OpenBSD 3.5 servers with isakmpd/ipsecadm. These are the steps that I've followed:

1. sysctl forwarding + ah/esp
2. ipsecadm tunnels
3. isakmpd.conf/isakmpd.policy
4. firewall configuration

...but with no success.

Can somebody help me?
20 years 3 months ago #5318 by sahirh
What exactly is the problem you're getting? Is it during the session setup or after the session has been set up? Is there a NAT device between the two boxes anywhere?

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
20 years 3 months ago #5321 by Cheetah
Hi

This is not an answer post, but I just thought of posting here ;)

Use OpenVPN: openvpn.sourceforge.net/

Regards
- Cheetah

Kind Regards,
Cheetah
The outcome of devotion is, quality!
20 years 3 months ago #5323 by c0lin
I think that the problem is in the session setup. Though the 2 servers are listening on UDP 500 (isakmpd), I'm not able to ping the remote LAN IPs.

LAN_A ---- OBSD_A
INTERNET
OBSD_B ---- LAN_B

LAN_A 192.168.100.0/24
OBSD_A interfaces: INT_IF=192.168.100.1
EXT_IF=123.123.123.123

LAN_B 192.168.110.1/24
OBSD_B interfaces: INT_IF=192.168.110.1
EXT_IF=213.213.213.213

In the `cat kernel/ipsec` output there aren't any Security Associations made.
20 years 3 months ago #5337 by sahirh
Have you tried sniffing the session setup phase and finding out what's happening?

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com