VPN between Ubuntu server (14.04.1 LTS) and Cisco ASA 5510
I finally managed to set up the tunnel. I can now ping the host behind the Cisco ASA device. Originally, I wanted a GUI tool, but I realized the DigitalOcean VPS console access has a wrong mouse pointer, so I kept running into problems trying to use GUI tools like vpnc in the method described here. I ended up using Openswan. Here is how.
- Install Openswan.
sudo apt-get install openswan
- Enable kernel IP packet forwarding and disable ICMP redirects.
echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.conf.all.accept_redirects = 0" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.conf.all.send_redirects = 0" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.conf.default.rp_filter = 0" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.conf.default.accept_source_route = 0" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.conf.default.send_redirects = 0" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.icmp_ignore_bogus_error_responses = 1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
- Configure Openswan. The file is /etc/ipsec.conf. Here's how mine ended up looking:
config setup
    dumpdir=/var/run/pluto/
    nat_traversal=yes
    virtual_private=%v4:!,%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10
    oe=off
    protostack=netkey
    plutostderrlog=/var/log/openswan.log
    force_keepalive=yes
    keep_alive=60

conn myVpnConn
    authby=secret
    pfs=no
    auto=start
    keyingtries=%forever
    ikelifetime=8h
    keylife=1h
    ike=3des-md5;modp1024
    phase2alg=3des-md5
    type=tunnel
    leftsourceip=202.x.x.101 #my_local_ip aka encryption domain
    left=202.x.x.100
    aggrmode=no
    right=41.x.x.x
    rightsourceip=172.x.x.x
    dpddelay=10
    dpdtimeout=3600
    dpdaction=restart
- Start ipsec/Openswan.
sudo service ipsec start
That was it in a short summary.
I stumbled upon well-written articles showing how to configure an Openswan VPN.
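The conn in the configuration above negotiates 3DES, MD5 and DH group modp1024 with PFS off, all of which are deprecated for IKE/ESP. As an added example (not part of the original post), this shell function flags those settings per conn in an ipsec.conf. The function names and the sample file, including the `strongerExample` proposal, are constructed for illustration, and which stronger proposal the ASA peer accepts is an assumption.

```shell
#!/usr/bin/env bash
# Added example, not from the original post: flag weak IKE/ESP settings per conn.
audit_ipsec_conf() {   # $1 = path to ipsec.conf; prints "conn: finding" lines
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
        /^conn[ \t]/   { conn = $2; next }      # start of a conn section
        /^config[ \t]/ { conn = "";  next }     # "config setup" is not a tunnel
        conn == ""     { next }
        {
            line = $0
            sub(/[ \t]+#.*$/, "", line)         # drop a trailing comment
            gsub(/^[ \t]+|[ \t]+$/, "", line)   # trim indentation
            eq = index(line, "=")
            if (eq == 0) next
            key = substr(line, 1, eq - 1)
            val = tolower(substr(line, eq + 1))
            if (key == "ike" || key == "phase2alg" || key == "esp") {
                if (val ~ /3des/) print conn ": " key " uses 3DES"
                if (val ~ /md5/)  print conn ": " key " uses MD5"
                if (val ~ /modp(768|1024)/)
                    print conn ": " key " uses a DH group of 1024 bits or less"
            }
            if (key == "pfs" && val == "no")       print conn ": PFS disabled"
            if (key == "aggrmode" && val == "yes") print conn ": aggressive mode enabled"
        }
    ' "$1"
}

# Constructed sample: the weak options from the post plus a stronger conn for contrast.
sample_conf() {
    cat <<'EOF'
config setup
    protostack=netkey
conn myVpnConn
    pfs=no    # as in the post
    ike=3des-md5;modp1024
    phase2alg=3des-md5
    aggrmode=no
conn strongerExample
    pfs=yes
    ike=aes256-sha2_256;modp2048
    phase2alg=aes256-sha2_256
EOF
}

tmp=$(mktemp); sample_conf > "$tmp"
audit_ipsec_conf "$tmp"
rm -f "$tmp"
```

Any stronger proposal has to be configured to match on the ASA side as well, or phase 1 will not complete.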
Олег Гаврилів
Updated on September 18, 2022
Comments
- Олег Гаврилів over 1 year
After the build I have an ear file. In the ear I also have a property file: my.ear\APP-INF\classes\resources\schemas\property.json. I need to read this file in my code. How can I do that, because
Thread.currentThread().getContextClassLoader().getResourceAsStream("resources/schemas/" + schemaArray[i])
always returns null? The class where I try to do that is loaded with ModuleClassLoader, and I suppose that is the main issue. On the WebLogic server the same code works well, and the classloader is weblogic.utils.classloaders.GenericClassLoader@4b36a40b