IPSec
From ProgClub
IPSec is a project to get IPSec working between hosts on the ProgClub network. For other projects see Projects.
Project status
Complete! (Sort of). Didn't get IKE working with racoon, but that's no big deal, we only have three hosts so manual keying is no big deal. Also, had to configure MSS values of 200 in order to get IPSec packets through, prior to that they were being dropped. 200 is really low, so there might be some perf issues to deal with down the track. I'd say this was about 80% successful. IPSec is working between all hosts on the ProgClub network now. Thanks Zanchey!
Links
- IPSecHowTo, these are the original instructions I followed.
- Chapter 7. IPSEC: secure IP over the Internet
- ipsec and iptables
- managing IPsec packets with iptables
- IPsec-Tools Checklist
- (Solved!) UMA, IPSec Tunnels, and IPTables no worky...
- Linux Kernel 2.6 using KAME-tools
- NetBSD IPsec FAQ - Pitfalls
- NetBSD IPsec FAQ - IPSec FAQ
- Debugging rules in Iptables (closed)
- (solved) iptables : logging dropped packets
- netfilter/iptables log file format
- Iptables Tutorial 1.2.2 - LOG
- RFC 793 - Transmission Control Protocol
- Maximum segment size
- Maximum transmission unit
- Resolve IP Fragmentation, MTU, MSS, and PMTUD Issues with GRE and IPSEC
Google searches
- allowing ipsec traffic through iptables
- configuring ipsec ubuntu
- iptables is dropping my ipsec packets
- iptables iptables IN=eth0 OUT= MAC=
- iptables log file format
- iptables dropping ipsec packets
- configuring ipsec-tools ubuntu
- disabling iptables ubuntu
- configuring racoon ubuntu
- ipsec maximum segment size
Forums I've asked on
- StackOverflow - Getting ipsec-tools to work between Ubuntu Lucid hosts
- Asked at Slicehost, and offered to pay for a solution
- ServerFault - Getting ipsec-tools to work between Ubuntu Lucid hosts
- Asked at ProgSoc
Offers of Help!
Come ask me (Zanchey) on irc://irc.ucc.asn.au/ucc some time. I've just spent the last week fiddling with IPsec at the University Computer Club in WA.