[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x

Internet Protocol Security

Internet Protocol Security (IPsec) is a protocol suite for secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host). IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite.

Share tech news, updates, or what's on your mind.

Sign up to Post

WordPress site getting SPAMMED, not sure how to stop it.

My website, FortressHarvard.com

has a Download button, and when you fill your Name and Email, then click the button, you get an email with the URL to my book's Preface and Chapter 1. Also, I get an email to my "info@" email's inbox with the name and email of the person requesting the downloading.

I am getting spammed there, by some sort of robot, and do not know how to stop it.

This started yesterday morning, and continued every few minutes, non-stop. I even added a CAPTA requirements this morning, but that had no impact.

How do I stop this SPAM?

Thanks
0
Discover the Answer to Productive IT
Discover the Answer to Productive IT

Discover app within WatchGuard's Wi-Fi Cloud helps you optimize W-Fi user experience with the most complete set of visibility, troubleshooting, and network health features. Quickly pinpointing network problems will lead to more happy users and most importantly, productive IT.

Working to establish IPsec Site-to-Site VPN, the local network is 192.168.0.x behind a Cisco RV130W and far end has a Cisco NSA 2600 and also has a pre-existing VPN with the 192.168.0.x subnet. The tunnel needs to support a single host on each end.

Is it possible to assign a 2nd IP Address to the PC in my network, say 10.10.20.2, and use this for the VPN?
0
Morning, I am trying to setup a Windows 2016 VPN via LT2P but keep getting the below error.
Anyone know what I can do to fix it?

During main mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
Local Network Address:      172.16.0.139
Remote Network Address:      172.16.66.10
Keying Module Name:      IKEv1
0
How does password reset works in international locations with MFA.  Here in US I can input a phone number in AD Mobile field. example +1-415-111-1111
Then it sends a code to the phone and you confirm.  Would it work with international locations?  Example China +86-180-1111-1111

https://passwordreset.microsoftonline.com/
0
Internet (ISP) ----> CISCO 891 ----> Ubuntu Server [Another Country/City] (IPSec or smthing) ------]
                                                                                       Internet (ISP) <------ CISCO 891 <---------------------]

Can i configure the my home CISCO router to connect to another VPN Server and give access to my home computers to the internet from this Server?
0
Has been almost a year that I switch to Auth0 in order to manage my customer's access to the dashboard of my application. Nowadays I need to implement access for a RESTFULL API.

If I follow the instructions in order to secure the NodeJS app using JWT it works like a charm. The issue is that I am not properly sure on the implementation for the end user in order to get the token needed for access this API.

I thought of creating the tokens on the dashboard or just use a server side implementation for the login/authentication. I did the last using the access to my own database before and worker amazingly. My issue is that I am not completely sure on how to do it for the end user using Auth0.

Would be great if you can guide me in order to implement the login/authentication side of the API using auth0 and nodejs.
0
Hello,
how I can know the imo and botim server block so I can blocked under my firewall ?
thanks.
0
I have multiple sites on my internal network all connected with IPSec tunnels.   Each site has a Windows domain controller.  In addition to the domain controller, each site also has a NAS which serves as a file server.   My issue is this.    I want to publish a specific DNS name within one of the internal zones.   Assign each site a version of this name that points to the local NAS device.      I have all the IP information defined in sites and services.   When I have the DNS name something like mydnsname.mydomain.com I want the systems to return the IP of the local device.  What I'm seeing is from corporate, when I reference the device I'm getting random responses from across all of the offices.    
  Is there a way to make DNS prefer IP's on the site I sit on instead of round robin looking through the list of available servers?
0
Hi,

I have a problem to establish call session between two sites over gre tunnel ipsec. The tunnel is up but I am Unable to set a call. I think the problem is Nat but I don't know how to fix it.  It's seems like the traffic were blocked in the beginning of the tunnel.

You can see the configuration files in attached.

 

Best Regards,

 

Aristide
0
Dear expert,

I have bought a Samsung smart TV. I am looking for trusted and secure IPTV to install it. And secure IPTV vendor including Bein Sport, OSN, US channels, UK BBC...etc

a friend of mine advice me to install KODI but it is showing on the samsung store.

Thank you in advance.
0
Redefine Your Security with AI & Machine Learning
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

Hi guys

As part of the last question I asked about firewall rules, I am looking at our firewall right now and monitoring the traffic. I'm looking at the traffic between VPN connections from our stores to a main server. These stores are all using the same application to communicate with the server. However, I'm looking at the server and it is receiving connections from our various stores, but every single store is communicating via a different port. So one store will be coming through port 4274. The other one will send it via port 4288. My point is, are applications specifically written in this way to prevent security breaches from happening by constantly randomising their port sequences so that they can't be 'guessed' by a malicious attacker?

And if that is the case, surely going back to the answers being given previously, this does warrant the ability for the 'ANY' ports to be open from site A to site B via VPN.

Thank you
Yash
0
I have a watchguard M270, the customer has a hosted server they connect to via ipsec. What policy could I enable to allow the ipsec vpn outbound.
0
Hi all,
I have a FW problem,
I've got two fortigate firewalls connected by IPsec VPN which is working great. users can connect to the main site also with SSL VPN. The problem is that when an SSL VPN user can't get to the remote site computes,
The main site address is 192.168.1.0/24,
The remote site address is 10.0.0.0/24
The SSL VPN address is 172.16.0.(100-110).
The phase 2 in the IPsec VPN is configurd with 0.0.0.0 and I've tried all the policies from the cookboos I could find but I still can't get it to work. The SSL Tunnel is split and the remote site address is configure in it.
What am I doing wrong?
Is there any suggestions on how can I resolve it?

Thanxs in advance
0
ipsecvpn.JPG




We  have  a network similar  to the diagram  shown above ,,
And  we  want  to configure IPSEC  IKv1 VPN between 2  sites .  we  have  A cisco  4321 Router at Branch A and  A Palo Alto firewall on  the  other end  …

After  doing  the well known configuration provided by Cisco at

https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/119425-configure-ipsec-00.html

we found  that  we  still could not  form  a successful a tunnel  between sites ,,   ..  
we  think that  there  a hope or a firewall somewhere in the  WAN path  blocking or  filtering
the  IKEv1  traffic  and  ICMP

so  the Questino consist of  two  parts :-

First :-   Kindly  provide  us  with  your suggestion regarding the proper an optimim configuration for the
Devices  at  both ends

Second :-   In  the  WAN  how  could  we  specify  the hop that  filter that traffic exactly ?
                          We  want  to prove that one hop is blocking or filtering IKv1 and ICMP traffic
              Then how could we find and prove that it  prevents specific data traffic  ?
0
On a Fortigate I wish to send traffic from an internal subnet through an IPSec VPN rather than straight out to the internet.

I have created a Policy Route as follows, but traffic still goes out the internet interface and not though the VPN.

Here's the config - testing traffic coming from IP 172.16.1.59 goes to the VPN 'test2'

Thanks

Capture.PNG
0
I'm trying to setup a IPSEC VPN tunnel between a Draytek 2860 and a Cisco ASA 5520.

I did manage to establish the VPN connection before but now I am unable to connect. Here are the logs from Draytek Syslog

2018-08-13 01:41:29	 [IPSEC][L2L][5:WMH_PXP1][@xx.xxx.x.xxx] IKE link timeout: state linking
 2018-08-13 01:41:26	 IKE <==, Next Payload=ISAKMP_NEXT_N, Exchange Type = 0x5, Message ID = 0x0
 2018-08-13 01:41:20	 IKE <==, Next Payload=ISAKMP_NEXT_N, Exchange Type = 0x5, Message ID = 0x0
 2018-08-13 01:41:16	 IKE ==>, Next Payload=ISAKMP_NEXT_KE, Exchange Type = 0x2, Message ID = 0x0
 2018-08-13 01:41:16	 Accept Phase1 prorosals : ENCR OAKLEY_AES_CBC, HASH OAKLEY_SHA
 2018-08-13 01:41:16	 IKE <==, Next Payload=ISAKMP_NEXT_SA, Exchange Type = 0x2, Message ID = 0x0
 2018-08-13 01:41:16	 IKE ==>, Next Payload=ISAKMP_NEXT_SA, Exchange Type = 0x2, Message ID = 0x0
 2018-08-13 01:41:16	 [IPSEC/IKE][L2L][5:WMH_PXP1][@xx.xxx.x.xxx] Initiating IKE Main Mode
 2018-08-13 01:41:16	 Initiating IKE Main Mode to xx.xxx.x.xxx
 2018-08-13 01:41:16	 Dialing Node5 (WMH_PXP1) : xx.xxx.x.xxx

Open in new window

0
Because I am taking over for an ex-employee, I am tasked with finding out why a visitor who's logged in session times out 24 hours after inactivity can still see certain things that they should only be able to see when logged in, like special pricing. It was originally designed this way, because the boss wanted government customers who have logged in at some point to always be able to see their government pricing, whether they were currently logged in or not. Now, that decision has been reversed, and we only want them to see their government pricing if their current logged in session is valid.

we use Symfony2 on Unix / Apache if that matters

I have no idea if it's a cookie, a session, or whatever else

I know we utilize both but I don't know if the answer lies in either place
0
I'm looking to put together a document that basically states why we need to replace 5 or 6 switches and need a template that will have ROI, business reasoning for the change and possibly cost analysis.  I'm not familiar with the process, but I would like to get this going and I'm assuming there might be some type of template available?  

I'm also looking into proposing an ISE implementation as well and also need some type of documents or templates for completing this as well.  We presently have 3560s in the environment and we're looking to replace these devices with the latest and greatest that will also be OSPF complaint as well as ISE complaint we well.

From the ISE point-of-view, we might be looking to having a virtual appliance and also wanted to the know the pros/cons to this as opposed to having a physical device, if any.  Maybe the difference in cost as well.
0
I have a Netgear FVS318N, and it has worked great for our needs in a small business.
 Of  Course netgear is no longer  Supporting any utm or small business fire wall VPN routers.
What is a good alternative to this level of a fire wall with good VPN
IPsec or SSL VPN.
We really don't wanna spend $2000 or even a $1000 is there anything in that mid range? the netgear FVS318 and was only about $200.
 any suggestions thanks
0
HTML5 and CSS3 Fundamentals
LVL 12
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

Draytek to Cisco ASA IPSEC vpn issue
I am sure its just a mismatch but wondered if anyone with more knowledge can tell me what to change on draytek to get it to connect.

Draytek set to
Dial Out
IKEv1
Pre shared key entered
High (ESP)
AES (with encryption)
  Phase 1 proposal : auto
  Phase 2 Proposal : AES256_SHA256
Key 1 lifetime : 86400
Key 2 Lifetime : 3600
PFS : enable
Local ID blank


Here is the cisco config for VPN

crypto ipsec ikev1 transform-set ESP-AES256-SHA esp-aes-256 esp-sha-hmac

crypto ikev1 policy 5
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400


crypto map site-to-site 100 match address CCTV-TSI-VPN
crypto map site-to-site 100 set pfs
crypto map site-to-site 100 set peer 8x.xx.xx.xx
crypto map site-to-site 100 set ikev1 transform-set ESP-AES256-SHA
crypto map site-to-site 100 set security-association lifetime seconds 3600
crypto map site-to-site 100 set security-association lifetime kilobytes 4608000
0
Hi Experts

Could you point if  phpCAS that uses API for authenticating users against a CAS server (WebSSO CAS) could be integrated at an existing Codeigniter project?

CAS - Central Authentication Server

I'm implementing a SSO (Single Sign-On)  funcionality to allow a web app conexion based on user id and  correspondent user's data obtained from LDAP (AD-Active Directory)

phpCAS

I'm planning to implement the SSO functionality at PHP Codeigniter's site index.php.

Thanks in advance!
0
Scenario 10
This article is about building Dynamic Multipoint VPN tunnels in Cisco CSR1000V router with IOS XE. There are two CSR1000V hub routers configured with dual hub dual cloud Phase 3 DMVPN.
0
I have 2 sites connected via IPsec VPN but I cannot connect to services across this VPN.

 

The tunnel is active and I can send ICMP in either direction but I can't connect to any of the internal resources. This had been working previously for a while (years) without issue and just recently cropped up, no changes have been made to the networks.

 

Site A: 192.168.1.0/24
Using a Ubiquiti EdgeMax Router firmware 1.10.5

Site B: 192.168.2.0/24
Using a Cisco RV042

 

auto-firewall-nat-exclude is enabled, can ping across VPN, running latest firmware, rebooted device, rekeyed the tunnel, destination server firewall is allowing incoming traffic

 

Here is my tunnel sa and a ping showing that I can get across.

 

unifisa.PNG
 

I can also ping from the remote site to 192.168.1.0/24

 

From Site A I can access a local website at Site B, but I cannot connect to local resources at Site A from Site B which is what we really need.
0
Scenario 9
This article is about building Dynamic Multipoint VPN tunnels in Cisco CSR1000V router with IOS XE. There are two CSR1000V hub routers configured with single tier Phase 3 DMVPN Cloud.
0
Scenario 8
This article is about building Dynamic Multipoint VPN tunnels in Cisco CSR1000V router with IOS XE. There are two spoke routers connected to single tier Phase 3 DMVPN Cloud hosted on CSR1000V router.
0

Internet Protocol Security

Internet Protocol Security (IPsec) is a protocol suite for secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host). IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite.

Top Experts In
Internet Protocol Security
<
Monthly
>