IPsec VPN For Fedoara 12

[irishxlink]

So i upgraded for Fedora 14 and I purchased the awesome IPsec VPN on my fedora 14 install and everything worked great. Then i found out my "raid box" didn't have native drivers for F14, (i also kept getting errors when building my raid box drivers from source and had to keep doing a modprobe for the card to read, so i went back to Fedora 12) My question is how possible is it to get IPsec working with Fedora 12. Is there any way to manually change some configuration files.

Right now I can install the web app and i can access my server via ip address but not from host name. So this means i can't access my web apps. I can access some apps via specific port numbers such as sickbeard and Sabnzbd but if it doesn't use specific port numbers i can't access it right now. Am i wrong in thinking that because of this it is giving our ip address' like it should and this is more of a dns issue?

If this is possible awesome, if not well i guess i will start to pester High Point Tech to build some native fedora 14 drivers.

[bigfoot65]

I am surprised you were able to install the web app in Fedora 12. We built it in Fedora 14 and there was no Fedora 12 version.

Check the app install log in /var/log dir to see if it installed cleanly. There may be some steps that did not complete due to this being Fedora 12.

We might be able to help with those depending on what you find out. Quite honestly I would be pestering them to build drivers as Fedora 12 is end-of-life so Fedora will not support/update it any more.

Fedora 16 for Amahi is in the works, so might want to get ready for that as well.

[irishxlink]

Thanks for taking the time to even look. I sent them a long email requesting support for fedora 14 and fedora 16. Lets hope i get a response. It seems to have actually installed correctly. Unless there is another log i should be looking at.

Although there does seem to be a good amount of errors and warnings in the racoon.log (2nd set) i added that starting from dec 2nd. If it is possible to take a look and help that would be awesome. If it takes to much time then dont worry about it, i dont want to take your time away from other things. I know you have a lot of stuff in development at the moment. Thanks again for even taking a look.

-----------------------------------------------------------------------------------------------------
======= app install begin @ Mon Dec 05 13:25:53 -0500 2011 ==========
Installing app id pxp2f0xm36 under /var/hda/platform/html ENV=production
Your HDA services have been restarted.
Your HDA services have been restarted.
App: IPsec VPN installed
======= app install end @ Mon Dec 05 13:26:27 -0500 2011 ==========
======= app uninstall begin @ Mon Dec 05 13:27:02 -0500 2011 ==========
Uninstalling app id pxp2f0xm36 under /var/hda/platform/html ENV=production
Your HDA services have been restarted.
App: IPsec VPN uninstalled
======= app uninstall end @ Mon Dec 05 13:27:05 -0500 2011 ==========
======= app install begin @ Mon Dec 05 13:27:27 -0500 2011 ==========
Installing app id pxp2f0xm36 under /var/hda/platform/html ENV=production
Your HDA services have been restarted.
Your HDA services have been restarted.
App: IPsec VPN installed
======= app install end @ Mon Dec 05 13:27:37 -0500 2011 ==========
---------------------------------------------------------------------------------------------


------------------------------(2nd set - racoon.log)------------------------------------------

2011-12-03 09:06:19: ERROR: Invalid exchange type 243 from 99.243.85.70[55038].
2011-12-03 09:06:20: ERROR: Invalid exchange type 243 from 99.243.85.70[55038].
2011-12-03 09:06:22: ERROR: Invalid exchange type 243 from 99.243.85.70[55038].
2011-12-03 09:06:26: ERROR: Invalid exchange type 243 from 99.243.85.70[55038].
2011-12-03 14:42:49: ERROR: ignore information because ISAKMP-SAhas not been established yet.
2011-12-03 14:42:59: ERROR: ignore information because ISAKMP-SAhas not been established yet.
2011-12-03 14:44:26: ERROR: phase1 negotiation failed due to time up. 118438387613de05:61076dac162c7351
2011-12-03 14:44:39: ERROR: phase1 negotiation failed due to time up. 1a6ade6dc91e37f7:18ecb7029c5c3deb
2011-12-03 14:44:44: ERROR: ignore information because ISAKMP-SAhas not been established yet.
2011-12-03 14:44:54: WARNING: ignore INITIAL-CONTACT notification, because it is only accepted after phase1.
2011-12-03 14:44:54: WARNING: Ignored attribute INTERNAL_ADDRESS_EXPIRY
2011-12-03 14:44:54: WARNING: Ignored attribute 28683
2011-12-03 14:44:55: ERROR: such policy does not already exist: "10.8.1.1/32[0] 192.168.10.0/24[0] proto=any dir=in"
2011-12-03 14:44:55: ERROR: such policy does not already exist: "10.8.1.1/32[0] 192.168.10.0/24[0] proto=any dir=fwd"
2011-12-03 14:44:55: ERROR: such policy does not already exist: "192.168.10.0/24[0] 10.8.1.1/32[0] proto=any dir=out"
2011-12-03 14:46:24: ERROR: phase1 negotiation failed due to time up. b92f91a59a742c84:d201dde029a4258a
2011-12-03 17:47:21: NOTIFY: the packet is retransmitted by 166.137.137.28[23976] (1).
2011-12-03 17:47:21: WARNING: the packet retransmitted in a short time from 166.137.137.28[23976]
2011-12-03 17:47:21: NOTIFY: the packet is retransmitted by 166.137.137.28[23976] (1).
2011-12-03 17:47:24: NOTIFY: the packet is retransmitted by 166.137.137.28[23976] (1).
2011-12-03 17:47:33: ERROR: ignore information because ISAKMP-SAhas not been established yet.
2011-12-03 17:47:34: NOTIFY: the packet is retransmitted by 166.137.137.28[23976] (1).
2011-12-03 17:47:40: WARNING: ignore INITIAL-CONTACT notification, because it is only accepted after phase1.
2011-12-03 17:47:45: WARNING: Ignored attribute INTERNAL_ADDRESS_EXPIRY
2011-12-03 17:47:45: WARNING: Ignored attribute 28683
2011-12-03 17:47:45: ERROR: such policy does not already exist: "10.8.1.1/32[0] 192.168.10.0/24[0] proto=any dir=in"
2011-12-03 17:47:45: ERROR: such policy does not already exist: "10.8.1.1/32[0] 192.168.10.0/24[0] proto=any dir=fwd"
2011-12-03 17:47:45: ERROR: such policy does not already exist: "192.168.10.0/24[0] 10.8.1.1/32[0] proto=any dir=out"
2011-12-03 17:48:07: ERROR: Wrong DPD sequence number (201, 203 expected).
2011-12-03 17:48:07: ERROR: Wrong DPD sequence number (202, 203 expected).
2011-12-03 17:48:23: ERROR: Wrong DPD sequence number (204, 205 expected).
2011-12-03 17:48:37: ERROR: Wrong DPD sequence number (206, 207 expected).
2011-12-03 17:49:01: ERROR: phase1 negotiation failed due to time up. d14e9ba89e1d1fd7:145aae03e7d82193
2011-12-03 17:49:14: ERROR: Wrong DPD sequence number (209, 212 expected).
2011-12-03 17:49:14: ERROR: Wrong DPD sequence number (209, 212 expected).
2011-12-03 17:49:14: ERROR: Wrong DPD sequence number (210, 212 expected).
2011-12-03 17:49:14: ERROR: Wrong DPD sequence number (211, 212 expected).
2011-12-03 17:49:18: ERROR: Wrong DPD sequence number (212, 213 expected).
2011-12-04 17:58:12: ERROR: Invalid exchange type 243 from 109.76.221.163[500].
2011-12-04 17:58:16: ERROR: Invalid exchange type 243 from 109.76.221.163[500].
2011-12-04 17:58:16: NOTIFY: the packet is retransmitted by 109.76.221.163[500] (1).
2011-12-04 17:58:20: ERROR: Invalid exchange type 243 from 109.76.221.163[500].
2011-12-04 17:58:20: NOTIFY: the packet is retransmitted by 109.76.221.163[500] (1).
2011-12-04 17:59:52: ERROR: phase1 negotiation failed due to time up. 1d40ae6febcab5d2:eeb9cfe86cd86e1b
2011-12-04 18:23:48: ERROR: Invalid exchange type 243 from 112.205.148.152[500].
2011-12-04 18:23:50: ERROR: Invalid exchange type 243 from 112.205.148.152[500].
2011-12-04 18:23:52: ERROR: Invalid exchange type 243 from 112.205.148.152[500].
2011-12-04 18:23:56: ERROR: Invalid exchange type 243 from 112.205.148.152[500].
2011-12-04 23:47:44: ERROR: ignore information because ISAKMP-SAhas not been established yet.
2011-12-04 23:47:57: NOTIFY: the packet is retransmitted by 166.137.139.73[49179] (1).
2011-12-04 23:47:57: WARNING: ignore INITIAL-CONTACT notification, because it is only accepted after phase1.
2011-12-04 23:47:58: WARNING: Ignored attribute INTERNAL_ADDRESS_EXPIRY
2011-12-04 23:47:58: WARNING: Ignored attribute 28683
2011-12-04 23:47:58: ERROR: such policy does not already exist: "10.8.1.1/32[0] 192.168.10.0/24[0] proto=any dir=in"
2011-12-04 23:47:58: ERROR: such policy does not already exist: "10.8.1.1/32[0] 192.168.10.0/24[0] proto=any dir=fwd"
2011-12-04 23:47:58: ERROR: such policy does not already exist: "192.168.10.0/24[0] 10.8.1.1/32[0] proto=any dir=out"
2011-12-04 23:48:59: ERROR: Cannot record event: event queue overflow
2011-12-04 23:49:23: ERROR: phase1 negotiation failed due to time up. 0cbc1a4f6d6d5da0:2a66512c0051735a
2011-12-05 11:49:26: ERROR: Invalid exchange type 243 from 85.58.193.186[500].
2011-12-05 11:49:28: ERROR: Invalid exchange type 243 from 85.58.193.186[500].
2011-12-05 11:49:30: ERROR: Invalid exchange type 243 from 85.58.193.186[500].
2011-12-05 11:49:35: ERROR: Invalid exchange type 243 from 85.58.193.186[500].
2011-12-05 13:27:00: INFO: @(#)ipsec-tools 0.7.3 (http://ipsec-tools.sourceforge.net)
2011-12-05 13:27:00: INFO: @(#)This product linked OpenSSL 1.0.0-fips-beta3 15 Jul 2009 (http://www.openssl.org/)
2011-12-05 13:27:00: INFO: Reading configuration from "/etc/racoon/racoon.conf"
2011-12-05 13:28:06: INFO: @(#)ipsec-tools 0.7.3 (http://ipsec-tools.sourceforge.net)
2011-12-05 13:28:06: INFO: @(#)This product linked OpenSSL 1.0.0-fips-beta3 15 Jul 2009 (http://www.openssl.org/)
2011-12-05 13:28:06: INFO: Reading configuration from "/etc/racoon/racoon.conf"

[bigfoot65]

I am sorry, I cannot be of much assistance with this one. I don't have the experience to help. I am sure there are some who may be able to shed some light though. You might consider stopping by the IRC and seeing if anyone there can assist.

[irishxlink]

No worries man, thanks for at least taking the time to look bigfoot. I Appreciate it. Also thanks for all the crazy cool apps you have been porting and publishing.