strongswan   108

« earlier    

goSecure - Landing
goSecure is an easy to use and portable Virtual Private Network (VPN) solution.
The system consists of a single server and one or many clients. strongSwan is used to establish a Suite B IPsec tunnel with pre-shared keys between the server and client(s). The core crypt implementation has been verified by NSA’s Cryptol tool.
VPN  Free  Open  goSecure  Software  NSA  strongSwan  IPsec 
june 2017 by FreemanZY
IPSEC VPN on Centos 7 with StrongSwan - Raymii.org
This is a guide on setting up an IPSEC VPN server on CentOS 7 using StrongSwan as the IPsec server and for authentication. It has a detailed explanation with every step. We choose the IPSEC protocol stack because of recent vulnerabilities found in pptpd VPNs and because it is supported on all recent operating systems by default.
CentOS7  VPN  IPSec  IKEv2  strongSwan 
march 2017 by coffeebucket
Solved: L2TP remote-access VPN - "syntax error in private key file" - Ubiquiti Networks Community
trying to set up remote-access L2TP/ipsec VPN on an edgerouter lite. i have generated x509 certificate authority, server cert, and server keys using the guide located at ªªhttp://www.ipsec-howto.org/x595.html. iºº can verify the ca.crt, Gateway.crt, and Gateway.key files with openssl, on the edgerouter itself, and they verify successfully. i am verifying them using the following commands:

openssl x509 -in ca.crt -text -noout
openssl x509 -in Gateway.crt -text -noout
openssl rsa -in Gateway.key -check

however, the VPN is not starting; the logs show "pluto" complaining that i have a "syntax error in private key file", which doesn't make any sense to me, since openssl verifies it successfully.
-----
figured it out.

the version of strongswan used on the edgerouter is 4.5.2, which (apart from being 3 years old), cannot support encrypted PKCS#8 key files, which openssl creates by default. i had to decrypt

openssl pkcs8 -in <keyfile> -out <newkeyfile>

and it loads properly now.
(for some reason, i'm seeing a bunch of AES ciphers being disabled due to the presence of a "strict" flag, which sounds worrying. but that's another matter entirely)
thanks me!
EdgeMAX  VPN  IPSec  OpenSSL  certificate  strongSwan 
february 2017 by coffeebucket
CAmanagementGUIs - strongSwan
This list only includes free software as defined by the GNU foundation.
Please contribute a small description if you think your favorite tool should be included in the list.
StrongSwan  VPN  IPSec  certificate  X.509  OpenSSL  GUI 
february 2017 by coffeebucket

« earlier    

related tags

"cisco  activedirectory  agilevpn  algo  amazon  android  ansible  apache  asa"  asa  aws  blackberry  centos  centos7  certificate  charon-systemd  charon  checkpoint  cisco  comparison  configuration  docker  eap-mschapv2  eap  ec2  edgemax  edgerouter  esh-anvilon  esp  example  examples  firewall  free  gate-to-gate  github  gosecure  gui  guide  h2h  hardware  hosting  howto  ike  ikev1  ikev2  ios  iphone  ipsec  iptables  l2tp  l2tpd  lancom  libreswan  linux  logger  logging  microsoft  mschapv2  netfilter  network  networking  nsa  open  openssl  openswan  openswap  openwrt  opnsense  osx  outage  overview  pdf  phase1  phase2  php  pptp  privacy  python  reference  rhel  roadwarrior  router  routing  security  server  server2008  setup  software  ssh  standard  swan  sysadmin  systemadministrator  systemd  tip  tips  tools  tricks  tunnel  tutorial  ubuntu  utility  virtualnetwork  vpc  vpn  vpn1  win7  windows  windows7  x.509  x509 

Copy this bookmark:



description:


tags: