How to start the IPsec Service?
The “VPN”-Tab on the Dashboard shows “vpn_disabled” and the “Services”-Tab shows “ipsec (Internet Protocol Security - VPN)” as stopped. So I assume it is not running. But where can I start it?
My intention would be to find it somewhere in the “VPN”-Page, but I can’t. Or that the service starts automatically after a VPN tunnel was configured.
Where can I activate the ipsec-VPN Service (except using the Console…)?
Yes, just create a tunnel and the IPSec will be marked as running
No, it’s not
This is the status of my firewall in production:
[root@nethsecurity ~]# service ipsec status
IPsec running - pluto pid: 10055
pluto pid 10055
1 tunnels up
some eroutes exist
[root@nethsecurity ~]# config show ipsec
ipsec=service
AuthenticationId=
CertificateName=
KeyPskSecret=
KeyRsaName=
KeyType=rsa
L2tpNetmask=255.255.255.0
L2tpNetwork=192.168.78.0
ServerStatus=disabled
status=enabled
Can you post your config?
[root@gw ~]# service ipsec status
IPsec stopped
but...
has subsystem lock (/var/lock/subsys/ipsec)!
[root@gw ~]# config show ipsec
ipsec=service
AuthenticationId=
CertificateName=
KeyPskSecret=xxx!
KeyRsaName=
KeyType=rsa
L2tpNetmask=255.255.255.0
L2tpNetwork=10.100.0.0
ServerStatus=enabled
status=enabled
I got it!
The tab you’re referring to is the one used to display OpenVPN tunnels…know, the VPN web interface needs a full refactor!
Regarding IPsec, the status of the service should be cleaned:
rm -rf /var/lock/subsys/ipsec
And if it should be up:
service ipsec start
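A guarded version of the lock cleanup from the post above, as an added example that is not part of the original thread: it removes the lock only when no pluto process is alive, which is the "IPsec stopped but has subsystem lock" state shown earlier. The pid file path `/var/run/pluto/pluto.pid` and the function names are assumptions, not taken from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): classify the ipsec service state
# before deleting the subsystem lock. Run as root so kill -0 can see pluto.
LOCK_DEFAULT=/var/lock/subsys/ipsec        # lock path quoted in the thread
PID_DEFAULT=/var/run/pluto/pluto.pid       # assumed pluto pid file location

# pluto_alive PIDFILE: exit 0 only if the pid file names a live process.
pluto_alive() {
    [ -r "$1" ] || return 1
    pid=$(head -n 1 "$1" | tr -cd '0-9')
    [ -n "$pid" ] || return 1
    kill -0 "$pid" 2>/dev/null
}

# ipsec_lock_state [LOCK] [PIDFILE]: prints one of
#   running | running-no-lock | stale-lock | stopped
ipsec_lock_state() {
    lock=${1:-$LOCK_DEFAULT}
    pidfile=${2:-$PID_DEFAULT}
    if pluto_alive "$pidfile"; then
        if [ -e "$lock" ]; then echo running; else echo running-no-lock; fi
    elif [ -e "$lock" ]; then
        echo stale-lock
    else
        echo stopped
    fi
}

# clear_stale_lock [LOCK] [PIDFILE]: remove the lock only in the stale-lock
# state; returns 1 and leaves everything untouched otherwise.
clear_stale_lock() {
    lock=${1:-$LOCK_DEFAULT}
    pidfile=${2:-$PID_DEFAULT}
    [ "$(ipsec_lock_state "$lock" "$pidfile")" = stale-lock ] || return 1
    rm -f -- "$lock"
}

# Typical use on the gateway:
#   ipsec_lock_state
#   clear_stale_lock && service ipsec start
```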
I did this, but the ipsec-service was already started regarding the Console. The Dashboard tells it was not.
I stopped it and started it again. After that both are telling me they are started.
Now I will try to configure my AVM FritzBox to connect to the Nethserver using IPsec.
Just for interest: Do you know the brand AVM and/or FritzBox in the other countries? In Germany every second internet access is established using that model, but I don’t know how it is in other countries.
I don’t know, sorry. Maybe @davide_marini or @filippo_carletti have some clue.
The FritzBox is well known in Italy, highly regarded, but probably not as extensively used as in Germany.
I think I’ve seen an IPsec VPN between NS and a fritzbox.
In RFC we trust
I’m currently trying to configure my FritzBox to connect to Nethserver via ipsec.
The FritzBox interface looks like this (I added a translation for the fields):
What do you think I have to enter in these fields?
Nethserver address and the remotenetwork-settings are clear.
I tried:
VPN Username: “Name” field of ipsec-Tunnel in Nethserver
VPN-Password: PSK defined in Nethserver
and
VPN Username: “Name” field of ipsec-Tunnel in Nethserver
VPN-Password: PSK defined in Nethserver
XAUTH enabled
XAUTH Username: Accountname defined in Nethserver
XAUTH Password: The password for that account
and
VPN Username: “Name” of a User in Nethserver
VPN-Password: PSK defined in Nethserver
None of them worked.
The FritzBox fails with the error “VPN-Fehler: , IKE-Error 0x2027”
PS:
This is my Nethserver config:
Just google it. And as far as I see, it is better to upload a config file into the Fritz Box rather than use the web UI configuration.
http://wiki.securepoint.de/index.php/IPSec_-_Fritzbox
Hey @Hunv! Could you please tell me, were you able to accomplish it? I am also trying to configure Nethserver with FritzBox. I tried a lot of solutions, but my Nethserver tunnel remains red, and the FritzBox is getting the same error, IKE-Error 0x2027.
I would really appreciate your help.