-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello all, My configuration : Suse Linux 7.3 kernel 2.4.19 + patch superpage + ADSL connexion + iptables + local network on 192.198.0.x I want to connect on a remote VPN (Cisco PIX), i have downloaded (Cisco Systems VPN Client Version 3.5.2 (Rel)), the compilation of ./vpn_install work fine. i'm lauch /etc/rc.d/vpnclient_init start => no error msg and the cisco_ipsec module is monted perfectly. Here is my profile (test.pcf) : [main] Description=vpn test Host=213.xxx.155.xxx AuthType=1 GroupName=le_nom_du_groupe EnableISPConnect=0 ISPConnectType=0 ISPConnect= ISPCommand= Username= SaveUserPassword=0 EnableBackup=0 BackupServer= EnableNat=1 CertStore=0 CertName= CertPath= CertSubjectName= CertSerialHash=00000000000000000000000000000000 DHGroup=2 ForceKeepAlives=0 UserPassword= enc_UserPassword= GroupPwd= EnableLocalLAN=1 I start /usr/local/bin/vpnclient connect test, then i put my password for the group : Cisco Systems VPN Client Version 3.5.2 (Rel) Copyright (C) 1998-2002 Cisco Systems, Inc. All Rights Reserved. Client Type(s): Linux Running on: Linux 2.4.19 #2 ven oct 25 18:48:34 CEST 2002 i686 Initializing the IPSec link. Contacting the gateway at 213.xxx.155.xxx Negotiating security policies. Securing communication channel. Your link is secure. IPSec tunnel information. Client address: 10.1.3.3 Server address: 213.xxx.155.xxx Encryption: 56-bit DES Authentication: HMAC-SHA IP Compression: None NAT passthrough is inactive. Local LAN Access is disabled. And now, nothing ... My ADSL connexion shutdown, i ping nothing and my ifconfig look like this : #ifconfig -a lo Lien encap:Boucle locale inet adr:127.0.0.1 Masque:255.0.0.0 adr inet6: ::1/128 Scope:Hôte UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:40047 errors:0 dropped:0 overruns:0 frame:0 TX packets:40047 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:14073231 (13.4 Mb) TX bytes:14073231 (13.4 Mb) ppp0 Lien encap:Protocole Point-à-Point inet adr:81.48.76.177 P-t-P:81.48.76.1 Masque:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:4562 errors:0 dropped:0 overruns:0 frame:0 TX packets:6327 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:3 RX bytes:503251 (491.4 Kb) TX bytes:409276 (399.6 Kb) sit0 Lien encap:IPv6-dans-IPv4 NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ipsec0 Lien encap:Protocole Point-à-Point inet adr:81.48.76.177 Masque:255.255.255.255 UP RUNNING NOARP MTU:16260 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ipsec1 Lien encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ipsec2 Lien encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ipsec3 Lien encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) eth0 Lien encap:Ethernet HWaddr 00:00:E8:96:08:25 inet adr:192.168.0.1 Bcast:192.168.0.255 Masque:255.255.255.0 adr inet6: fe80::200:e8ff:fe96:825/10 Scope:Lien UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:246 errors:0 dropped:0 overruns:0 frame:0 TX packets:456 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:100 RX bytes:33454 (32.6 Kb) TX bytes:414668 (404.9 Kb) Interruption:10 Adresse de base:0x3000 I have searched on forums, web and newsgroups, but i find nothing for my problem. Anyone have this problem ?? Could you help my for my VPN connexion ? Thanks for all and sory for m poor english .. I'm a french'user ;-) @+ - -- Franck \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ franck@linuxpourtous.com Fingerprint : 20F4 DBE5 7234 52D6 3610 BB17 D73C 1F7A 9E64 F6A1 http://www.linuxpourtous.com Clef PGP : http://www.linuxpourtous.com/download/franck_linuxpourtous.asc \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) iD8DBQE9ukRh1zwfep5k9qERAmYAAKCIXJWwPSYvmkrgHGvWNr+jdo9qRACfQMbl Hr7N7arrpZ1+usT1fl06HMs= =3Njw -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ERROR in my ifconfig, the good are here : # ifconfig -a cipsec0 Lien encap:Ethernet HWaddr 00:00:00:00:00:00 BROADCAST MULTICAST MTU:1400 Metric:1 RX packets:10 errors:0 dropped:0 overruns:0 frame:0 TX packets:14 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:100 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) eth0 Lien encap:Ethernet HWaddr 00:00:E8:96:08:25 inet adr:192.168.0.1 Bcast:192.168.0.255 Masque:255.255.255.0 adr inet6: fe80::200:e8ff:fe96:825/10 Scope:Lien UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2494 errors:0 dropped:0 overruns:0 frame:0 TX packets:3109 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:100 RX bytes:400013 (390.6 Kb) TX bytes:1740787 (1.6 Mb) Interruption:10 Adresse de base:0x3000 lo Lien encap:Boucle locale inet adr:127.0.0.1 Masque:255.0.0.0 adr inet6: ::1/128 Scope:Hôte UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:41747 errors:0 dropped:0 overruns:0 frame:0 TX packets:41747 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:14670706 (13.9 Mb) TX bytes:14670706 (13.9 Mb) ppp0 Lien encap:Protocole Point-à-Point inet adr:81.48.76.177 P-t-P:81.48.76.1 Masque:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:8420 errors:0 dropped:0 overruns:0 frame:0 TX packets:11184 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:3 RX bytes:2313621 (2.2 Mb) TX bytes:978756 (955.8 Kb) sit0 Lien encap:IPv6-dans-IPv4 NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
#ifconfig -a
lo Lien encap:Boucle locale inet adr:127.0.0.1 Masque:255.0.0.0 adr inet6: ::1/128 Scope:Hôte UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:40047 errors:0 dropped:0 overruns:0 frame:0 TX packets:40047 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:14073231 (13.4 Mb) TX bytes:14073231 (13.4 Mb)
ppp0 Lien encap:Protocole Point-à-Point inet adr:81.48.76.177 P-t-P:81.48.76.1 Masque:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:4562 errors:0 dropped:0 overruns:0 frame:0 TX packets:6327 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:3 RX bytes:503251 (491.4 Kb) TX bytes:409276 (399.6 Kb)
sit0 Lien encap:IPv6-dans-IPv4 NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ipsec0 Lien encap:Protocole Point-à-Point inet adr:81.48.76.177 Masque:255.255.255.255 UP RUNNING NOARP MTU:16260 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ipsec1 Lien encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ipsec2 Lien encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ipsec3 Lien encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
eth0 Lien encap:Ethernet HWaddr 00:00:E8:96:08:25 inet adr:192.168.0.1 Bcast:192.168.0.255 Masque:255.255.255.0 adr inet6: fe80::200:e8ff:fe96:825/10 Scope:Lien UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:246 errors:0 dropped:0 overruns:0 frame:0 TX packets:456 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:100 RX bytes:33454 (32.6 Kb) TX bytes:414668 (404.9 Kb) Interruption:10 Adresse de base:0x3000
I have searched on forums, web and newsgroups, but i find nothing for my problem. Anyone have this problem ?? Could you help my for my VPN connexion ?
Thanks for all and sory for m poor english .. I'm a french'user ;-)
@+
- -- Franck \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ franck@linuxpourtous.com Fingerprint : 20F4 DBE5 7234 52D6 3610 BB17 D73C 1F7A 9E64 F6A1 http://www.linuxpourtous.com Clef PGP : http://www.linuxpourtous.com/download/franck_linuxpourtous.asc \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) iD8DBQE9uk3t1zwfep5k9qERAji0AJ9SrNqohiknb3JIyl8vJmaKFZpC1QCfUlUu mUnQgzrxYJlRlu9rCSvJPEo= =7fEr -----END PGP SIGNATURE-----
Are you trying to use the client on a dual nic box? I have been using their client for some time and there are issues: 1. Enabling local lan does not work, in fact on the newer version listed below enabling local lan kills both lans(really nice if you ask me ;-) ) 2. In a dual nic situation the client does not know which nic to use therefore it uses both / neither, SuSEfirewall is a no go. 3. There is a newer release of the client at cisco's iste(something like 3.6.1). What I do to connect is have the client installed and configured on one of my inside machines which is routed through my firewall server and then everything works when I issue the connect command. Somethings to be aware of though - the client script can not override settings on the VPN concentrator like password saving, group settings, etc. and ensure you have a good timeout set otherwise you will be booted very quickly. I am currently working with FreeS/WAN to get a server type configuration setup to replace the cisco client and do a LAN to LAN style connection so that I can get the full functionality that I require. Good luck, hope this helps Franck wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ERROR in my ifconfig, the good are here : # ifconfig -a
cipsec0 Lien encap:Ethernet HWaddr 00:00:00:00:00:00 BROADCAST MULTICAST MTU:1400 Metric:1 RX packets:10 errors:0 dropped:0 overruns:0 frame:0 TX packets:14 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:100 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
eth0 Lien encap:Ethernet HWaddr 00:00:E8:96:08:25 inet adr:192.168.0.1 Bcast:192.168.0.255 Masque:255.255.255.0 adr inet6: fe80::200:e8ff:fe96:825/10 Scope:Lien UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2494 errors:0 dropped:0 overruns:0 frame:0 TX packets:3109 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:100 RX bytes:400013 (390.6 Kb) TX bytes:1740787 (1.6 Mb) Interruption:10 Adresse de base:0x3000
lo Lien encap:Boucle locale inet adr:127.0.0.1 Masque:255.0.0.0 adr inet6: ::1/128 Scope:Hôte UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:41747 errors:0 dropped:0 overruns:0 frame:0 TX packets:41747 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:14670706 (13.9 Mb) TX bytes:14670706 (13.9 Mb)
ppp0 Lien encap:Protocole Point-à-Point inet adr:81.48.76.177 P-t-P:81.48.76.1 Masque:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:8420 errors:0 dropped:0 overruns:0 frame:0 TX packets:11184 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:3 RX bytes:2313621 (2.2 Mb) TX bytes:978756 (955.8 Kb)
sit0 Lien encap:IPv6-dans-IPv4 NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
#ifconfig -a
lo Lien encap:Boucle locale inet adr:127.0.0.1 Masque:255.0.0.0 adr inet6: ::1/128 Scope:Hôte UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:40047 errors:0 dropped:0 overruns:0 frame:0 TX packets:40047 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:14073231 (13.4 Mb) TX bytes:14073231 (13.4 Mb)
ppp0 Lien encap:Protocole Point-à-Point inet adr:81.48.76.177 P-t-P:81.48.76.1 Masque:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:4562 errors:0 dropped:0 overruns:0 frame:0 TX packets:6327 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:3 RX bytes:503251 (491.4 Kb) TX bytes:409276 (399.6 Kb)
sit0 Lien encap:IPv6-dans-IPv4 NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ipsec0 Lien encap:Protocole Point-à-Point inet adr:81.48.76.177 Masque:255.255.255.255 UP RUNNING NOARP MTU:16260 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ipsec1 Lien encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ipsec2 Lien encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ipsec3 Lien encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
eth0 Lien encap:Ethernet HWaddr 00:00:E8:96:08:25 inet adr:192.168.0.1 Bcast:192.168.0.255 Masque:255.255.255.0 adr inet6: fe80::200:e8ff:fe96:825/10 Scope:Lien UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:246 errors:0 dropped:0 overruns:0 frame:0 TX packets:456 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:100 RX bytes:33454 (32.6 Kb) TX bytes:414668 (404.9 Kb) Interruption:10 Adresse de base:0x3000
I have searched on forums, web and newsgroups, but i find nothing for my problem. Anyone have this problem ?? Could you help my for my VPN connexion ?
Thanks for all and sory for m poor english .. I'm a french'user ;-)
@+
- -- Franck
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ franck@linuxpourtous.com Fingerprint : 20F4 DBE5 7234 52D6 3610 BB17 D73C 1F7A 9E64 F6A1
http://www.linuxpourtous.com Clef PGP : http://www.linuxpourtous.com/download/franck_linuxpourtous.asc \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux)
iD8DBQE9uk3t1zwfep5k9qERAji0AJ9SrNqohiknb3JIyl8vJmaKFZpC1QCfUlUu mUnQgzrxYJlRlu9rCSvJPEo= =7fEr -----END PGP SIGNATURE-----
-- /*Weyco* Group/ Duane Kehoe EC / Programmer / Analyst Phone # 414.908.1814 Fax # 414.908.1601 Email: dkehoe@weycogroup.com
Hi List, wondering if anyone knows a good fix. Apparently some spammer uses one of my domains as his reply-to address. the bastard. nothing i can do about that. besides rejecting anything pointing to that domain, except for one address, what else can i do? using sendmail-tls packacge with DNSBL enabled (dunno if that works, though) regards Evert
Evert Smit wrote:
Hi List,
wondering if anyone knows a good fix. Apparently some spammer uses one of my domains as his reply-to address. the bastard. nothing i can do about that. besides rejecting anything pointing to that domain, except for one address, what else can i do?
there's nothing you can do beside rejecting unknown users (which is always good ;) Most of the spam comes with faked senderadresses. The spammer is mostly able to specify whatever he want as sender. In the good world, all Mailservers will be configured that just the sender can use his domain on his server etc., but we're not in this world ;)
participants (4)
-
Duane Kehoe -
Evert Smit -
Franck -
Sven 'Darkman' Michels