|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Xen and IPSEC
We have used Xen 2.0.7 very successfully for this in the ISCS network security management project (http://iscs.sourceforge.net). These are moderately large production deployments with very complex security within the tunnels and X.509 certificate based access control for remote users using both Openswan for IPSec and OpenVPN for SSL. The deployments have been very, very successful. We have not yet tried it on Xen 3.0.x. We are running Fedora Core 3 - John On Thu, 2006-05-25 at 17:46 +0200, Marcus Carlson wrote: > Hi! > > Has anyone had any problems or tried isakmpd under linux in a domU? > > I've set it up and the tunnel is working just fine, can ping, ssh to the > domU via tunnel, but I can't ping the net behind the router. tcpdump on > the external interface (eth0) reveals it is coming in and being > decrypted, but on the inside interface (eth1) no packages are being > sent. I suppose this is a kernel/ipsec problem but just want to ensure > that it is xen thats causing this troubles. > > My setup: Xen 3.02 (debian package), Dom0: Debian unstable, domU; debian > stable with kernel modules from unstable. > > Thanks for any help! > Marcus > > _______________________________________________ > Xen-users mailing list > Xen-users@xxxxxxxxxxxxxxxxxxx > http://lists.xensource.com/xen-users -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan@xxxxxxxxxxxxxxxxxxx Financially sustainable open source development http://www.opensourcedevel.com _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |