Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 17 days ago.
Improve this question
I try to connect with strongswan client to a IPsec server with IKEv2 but I receive the following error:
charon[1423]: 09[ENC] parsed IKE_SA_INIT response 0 [ SA KE No ]
charon[1423]: 09[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
charon[1423]: 09[IKE] no private key found for 'MY.LOCAL.IP'
I think I don't need a private key, because I only have a PSK and the other server doesn't know any public key of me.
My ipsec.conf:
# basic configuration
config setup
# strictcrlpolicy=yes
# uniqueids = no
# Add connections here.
conn testconn
auto="start"
compress="no"
esp="aes256-sha2_256_96"
ike="aes256-sha2_256-modp2048"
ikelifetime="28800"
keyexchange="ike"
keylife="3600"
left="MY.LOCAL.IP"
leftsubnet="MY.LOCAL.IP/32"
rekeymargin="540"
right="IP.OF.THE.EXTERNAL.SERVER"
rightauth="psk"
rightsubnet="LOCAL.IP.OF.THE.EXTERNAL.SERVER/32"
type="tunnel"
How can I config strongswan to use PSK only and no key authentification?
Both, leftauth and rightauth must be set to PSK
leftauth="psk"
rightauth="psk"
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 days ago.
Improve this question
I ve a local webserver. I use it for my guests to scan QR Codes and order/view menus etc. The server has local IP "10.0.0.250" , available to all guests and the domain name is "orderfood.gr" (Static dns set on Mikrotik orderfood.gr = IP 10.0.0.250). I am redirecting all port 53 traffic to the router in order to avoid guests with static DNS such as 8.8.8.8, 1.1.1.1 etc (and that works fine). However some mobiles cannot translate the IP of the domain. After struggling i've found that most times this happens is because of the Private DNS service (set ON by default on some mobiles). Is there a way i can prevent this from happening ?
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I'm trying to setup Wireguard on a desktop at a remote location. I haven't been able to connect, unfortunately, from the client end. I'm a little new to this, so I apologize for any foolish questions.
I noticed that my computer has been given an IPv4 address and an IPv6 one based on ipv6-test.com:
IPv4: 73.57.249.195
IPv6: 2001:18c:201:f070:ed21:d822:cab2:85xx
Here is my tunnel on the server-side:
[Interface]
PrivateKey = KEY
ListenPort = 51820
Address = 10.12.34.5/32, fd43:43:43::7/128
[Peer]
PublicKey = KEY
PresharedKey = KEY
AllowedIPs = 0.0.0.0/1, 128.0.0.0/1, ::/1, 8000::/1
Here is my client config file:
[Interface]
PrivateKey = KEY
Address = 10.12.34.5/32, fd43:43:43::7/128
DNS = 8.8.8.8, 8.8.4.4
[Peer]
PublicKey = KEY
PresharedKey = KEY
AllowedIPs = 0.0.0.0/1, 128.0.0.0/1, ::/1, 8000::/1
Endpoint = 73.57.249.195:51820
I'm not exactly sure what to set the port and address to, specifically. Perhaps that is where I'm off? Any and all help would be deeply appreciated. Excited to get my first instance of WireGuard going.
Looks like both ends are trying to use the same set IPv4/v6 addresses (10.12.34.5/32, fd43:43:43::7/128) inside the tunnel.
Aside from that, assuming the keys are right and there's no firewall blocking things, it looks like it should be good, so long as the client-end initiates so the server can "learn" its externally-addressable endpoint.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
Using static routes is it possible to access a host with an IP address of 1.2.3.4 on port 4000 that is connect to rtrnode on a wlan network that has a public ip address of x.x.x.14 from a remote host (h1)?
h1 -------router-------INTERNET-------(public IP(x.x.14)) = rtrnode(1.2.3.3)---------destination(1.2.3.4)
NO: Unless:You tunnel. This way the foreign LAN is a hop from the LAN you are on according to the routers on both ends that handle the packetizing and perform the VPN. It is easiest to set this up using firewalls like : PFSense or the likes. This link explains, there are many more: http://www.makeuseof.com/tag/vpn-tunnel-set/. You cannot route across the Internet with static routes unless you have control over the routers that are routing. They run BGP and will direct your traffic to the valid IP you are incorrectly using in your private LAN.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
I want the IP address of https://sfbay.craigslist.org.
C:\Users\dude>ping https://sfbay.craigslist.org
Ping request could not find host https://sfbay.craigslist.org.
Please check the name and try again.
So, I tried nslookup. None of the IP's in the output allow me to connect to the website using a browser. How do I get the right IP & connect ?
C:\Users\nisum>nslookup https://sfbay.craigslist.org/
Server: cachens1.paetec.net
Address: 66.155.216.122
Non-authoritative answer:
Name: https://sfbay.craigslist.org/
Addresses: 104.239.198.84
198.105.254.65
Pings usually don't include the protocol. The command below worked for me.
ping sfbay.craigslist.org
you can't access to this webSite with the adresse IP because : this domain name is one of many subdomain that use one adresse IP : 208.82.237.2, for this you can just access with a Sub DNS.
here is the main site with details :
Details of 208.82.237.2
IP Address : 208.82.237.2
Location : United States (95% accuracy)
Host Name : cities.craigslist.org
you can use this link to test it : www.hcidata.info
also you can refer to this link : StackOverFlow
Maybe
Ifconfig sfbay.craigslist.org
Or
dig sfbay.craigslist.org
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I have followed these instructions:
http://aws.amazon.com/articles/0639686206802544
I can ping the VPN endpoints and I have the corresponding VPC CIDR pointing to the EC2 instance in the route table. Here is my config:
port 1194
proto udp
dev tun
# Remote peer and network
remote Elastic_IP
# Configure local and remote VPN endpoints
ifconfig 169.254.255.1 169.254.255.2
# The pre-shared static key
secret /etc/openvpn/ovpn.key
keepalive 10 120
persist-key
persist-tun
log /var/log/openvpn.log
verb 3
I can ping the OpenVPN instances and the corresponding endpoints however I still can't ping other private IP's in the other subnet.
I've added a persistent route to send the traffic through the gateway. Anything else I should look at?
Make sure you have the Source/dest checks turned off in the ENI for your VPN instance.