VPN between Ubuntu server (14.04.1 LTS) and Cisco ASA 5510

I finally managed to set up the tunnel. I can now ping the host behind the Cisco ASA device. Originally I wanted a GUI tool, but I realized the mouse pointer in the DigitalOcean VPS console is wrong, so I kept running into problems trying to use GUI tools like vpnc by the method described here. I ended up using openswan. Here is how.

  1. Install openswan.

    sudo apt-get install openswan
    
  2. Enable kernel IP packet forwarding and disable ICMP redirects (the other sysctls turn off source routing and reverse-path filtering, which otherwise drop traffic arriving through the tunnel)

    echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf
    echo "net.ipv4.conf.all.accept_redirects = 0" | sudo tee -a /etc/sysctl.conf
    echo "net.ipv4.conf.all.send_redirects = 0" | sudo tee -a /etc/sysctl.conf
    echo "net.ipv4.conf.default.rp_filter = 0" | sudo tee -a /etc/sysctl.conf
    echo "net.ipv4.conf.default.accept_source_route = 0" | sudo tee -a /etc/sysctl.conf
    echo "net.ipv4.conf.default.send_redirects = 0" | sudo tee -a /etc/sysctl.conf
    echo "net.ipv4.icmp_ignore_bogus_error_responses = 1" | sudo tee -a /etc/sysctl.conf
    
    sudo sysctl -p
    
  3. Configure openswan. The file is /etc/ipsec.conf. Here's how mine ended up looking:

    # section headers ("config setup", "conn NAME") must start in column 0;
    # parameters must be indented
    config setup
            dumpdir=/var/run/pluto/
            nat_traversal=yes
            # networks that may sit behind a NAT on the remote side
            virtual_private=%v4:!,%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10
            oe=off
            protostack=netkey
            plutostderrlog=/var/log/openswan.log
            force_keepalive=yes
            keep_alive=60
    conn myVpnConn
            # pre-shared key, stored in /etc/ipsec.secrets
            authby=secret
            pfs=no
            auto=start
            keyingtries=%forever
            ikelifetime=8h
            keylife=1h
            # phase 1 and phase 2 proposals; these must match the ASA's IKEv1 policy
            ike=3des-md5;modp1024
            phase2alg=3des-md5
            type=tunnel
            leftsourceip=202.x.x.101    #my_local_ip aka encryption domain
            left=202.x.x.100
            aggrmode=no
            right=41.x.x.x
            rightsourceip=172.x.x.x
            # dead peer detection: restart the tunnel if the ASA stops answering
            dpddelay=10
            dpdtimeout=3600
            dpdaction=restart

  4. Start ipsec/openswan

    sudo service ipsec start

That was it, in short.

I stumbled upon well-written articles showing how to configure an openswan VPN:

  1. Remy van Elst's post
  2. Gregg's post
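The conn section above negotiates 3DES, MD5 and a 1024-bit DH group (modp1024) with PFS disabled, which were the common Cisco ASA IKEv1 defaults at the time but are not what a current deployment should accept. The script below is an added example, not part of the original answer: it parses ipsec.conf's section/key=value format, flags those choices, and checks a hardened variant against the same rules. POSTED_CONF is a constructed excerpt of the config shown above; HARDENED_CONF is an assumed replacement that presumes the ASA peer is configured for AES-256, SHA-256 and DH group 14, and that this openswan build accepts the `sha2_256` keyword (both assumptions, to be verified against the ASA's IKEv1 policy and crypto map).

```python
"""Audit an openswan ipsec.conf for weak IKE/ESP choices (added example)."""
import re

# Constructed excerpt of the page's ipsec.conf, trimmed to the relevant keys.
POSTED_CONF = """\
config setup
        protostack=netkey
conn myVpnConn
    authby=secret
    pfs=no
    ike=3des-md5;modp1024
    phase2alg=3des-md5
    left=202.x.x.100        # public IP of the Ubuntu host (as posted)
    right=41.x.x.x          # ASA outside interface (as posted)
    aggrmode=no
"""

# Assumed hardened variant: AES-256 / SHA-256 / DH group 14 with PFS on.
# Whether it negotiates depends on the ASA side being configured to match.
HARDENED_CONF = """\
conn myVpnConn
    authby=secret
    pfs=yes
    ike=aes256-sha2_256;modp2048
    phase2alg=aes256-sha2_256;modp2048
    left=202.x.x.100
    right=41.x.x.x
    aggrmode=no
"""

WEAK_ENC = {"des", "3des", "null"}
WEAK_HASH = {"md5", "sha1", "sha"}
WEAK_DH = {"modp768", "modp1024", "modp1536"}
HEADER = re.compile(r"^(config|conn)\s+(\S+)\s*$")


def parse_ipsec_conf(text):
    """Return {section: {key: value}}; 'config setup' is stored as 'setup'.

    Headers start in column 0, parameters are indented key=value lines,
    and anything after '#' is a comment.
    """
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        if not line[0].isspace():
            m = HEADER.match(line)
            if not m:
                raise ValueError("unexpected section header: %r" % raw)
            current = m.group(2)
            sections[current] = {}
        else:
            if current is None:
                raise ValueError("parameter outside any section: %r" % raw)
            key, sep, value = line.strip().partition("=")
            if not sep:
                raise ValueError("not a key=value line: %r" % raw)
            sections[current][key.strip()] = value.strip()
    return sections


def split_proposals(spec):
    """'3des-md5;modp1024,aes256-sha2_256;modp2048' ->
    [('3des', 'md5', 'modp1024'), ('aes256', 'sha2_256', 'modp2048')]"""
    result = []
    for proposal in spec.split(","):
        algs, _, group = proposal.strip().partition(";")
        enc, _, integ = algs.partition("-")
        result.append((enc.strip(), integ.strip(), group.strip()))
    return result


def audit_conn(conn):
    """Return a list of findings for one conn section (empty means clean)."""
    findings = []
    for param in ("ike", "phase2alg"):
        spec = conn.get(param)
        if not spec:
            findings.append("%s unset: daemon default will be negotiated" % param)
            continue
        for enc, integ, group in split_proposals(spec):
            if enc in WEAK_ENC:
                findings.append("%s: %s is an obsolete cipher" % (param, enc))
            if integ in WEAK_HASH:
                findings.append("%s: %s is a weak integrity algorithm" % (param, integ))
            if group in WEAK_DH:
                findings.append("%s: %s is too small a DH group" % (param, group))
    if conn.get("pfs", "yes").lower() == "no":
        findings.append("pfs=no: phase-2 keys have no forward secrecy")
    if conn.get("aggrmode", "no").lower() == "yes":
        findings.append("aggrmode=yes: PSK-derived hash is exposed to offline cracking")
    return findings


if __name__ == "__main__":
    for label, text in (("posted", POSTED_CONF), ("hardened", HARDENED_CONF)):
        conn = parse_ipsec_conf(text)["myVpnConn"]
        print(label, audit_conn(conn) or ["no findings"])
```

To run it against a live host, read /etc/ipsec.conf into `parse_ipsec_conf` instead of the constructed strings. Changing the proposals on the Ubuntu side alone will simply make phase 1 fail; the ASA's `crypto isakmp policy` and the transform set in its crypto map have to be moved to the same algorithms at the same time.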
Author: Олег Гаврилів

Updated on September 18, 2022

Comments

  • Олег Гаврилів, over 1 year ago

    After the build I have an EAR file. Also in the EAR I have a property file: my.ear\APP-INF\classes\resources\schemas\property.json. I need to read this file in my code. How can I do that, because:

    Thread.currentThread().getContextClassLoader()
                          .getResourceAsStream("resources/schemas/" + schemaArray[i])
    

    always returns null. The class where I try to do that is loaded with ModuleClassLoader, and I suppose that is the main issue. On the WebLogic server the same code works well, and the classloader is: weblogic.utils.classloaders.GenericClassLoader@4b36a40b