ipsec

IPSec AES 256 encryption in Windows XP with Service Pack 3?

Does IPsec in Windows XP Sp3 support AES-256 encryption? Update: Windows IPsec FAQ says that it's not supported in Windows XP, but maybe they changed it in Service Pack 3? http://www.microsoft.com/technet/network/ipsec/ipsecfaq.mspx Question: Is Advanced Encryption Standard (AES) encryption supported? origamigumby, please specify ...

What are my options for adding and removing IPSec policies on Windows Server with C#?

I want to be able to add or remove IP Security Policies on Windows Server 2003 programmatically with C#. Normally you'd manipulate these policies manaully through the gpedit.msc snap-in (under Windows Settings -> Local Policies -> IP Security Policies on Local Computer). But I need to be able to add IP filter policies through code. An...

Vista IPsec subnet Policy problem

I have a strange problem with Vista IPsec that I am hoping someone can help with. The exact setup below works fine on XP and Windows 7, but not on Vista for some reason: I would like to setup an IPsec tunnel between Windows and a Netgear router so that I can communicate between Windows box and the LAN side (192.168.1.0/24 below) of the ...

Remove IPSEC policy from W2k3 DC

I just can't for the life of me remember. We were setting up IPSEC for a VPN along time ago and added IPSEC that has always caused 1091 1085 errors. We are not using it so I would like to remove it but cant find where. ...

Methods of programatically altering ipsec rules with C#?

Hey stackoverflow, The only method I know how to execute IPsec changes involves calling netsh to do the changes. Is there a method using System.Management and WMI objects directly? If so, what is it? I am having a hard time finding relevant WMI information with MSDN. Or is there some other useful method someone out there has used? EDI...

IPSec is hard to figure out, wanna help?

Hi, i need to fully understand the IPSec Phase 1 negotiation. now, I break this to 3 steps: 1) Algorithm negotiations. 2) Key Exchange Data 3) Identification I'm using wireshark to invastigate the process and so far I fully understands the 1st part (Algorithm Negotiations). My current problem lies in the 2 nd part: Key Exchange Data. T...

Is there a cmdlet in PowerShell 2 to handle ipsec changes?

I am using System.Management.Automation to build a program that serves as a firewall, essentially, and I was wondering if there is a specific cmdlet in PowerShell 2 to handle ipsec changes for a server? (i.e., that duplicates netsh ipsec functionality)? Or would I have to write one? :P I am hoping for a cleaner solution than calling a ...

Using IPsec to secure traffic

I have a client server environment and would like to secure the network traffic using IPsec. What is involved to get this implemented? The application is working fine, I just need to secure the traffic between computers. What do I need - certificates on each computer for example? Do I need to make changes to the socket read/write code? ...

VPN with MySQL database for authentication.

I want to set up a VPN server (via IPSec or PPP etc) but I want the authentication to be dealt by MySQL or other RDBMS... does anyone know an opensource project or an easyway to achieve this...? I'm flexible on linux distro, rdbms or vpn protocol... I urgently need a VPN access point that can be managed easily by a webapp. ...

IPSec help on Windows 2003 please!!

Hey guys, I am trying to configure IPSec between a web and app server in our environment. I want all traffic between these two servers to use IPsec and be encrypted. These servers are on the same domain so i am currently using Kerebos for security, I have also tried pre-defined keys and nothing changed. When I try and ping between the s...

Programming a VPN, Authontication stage - RFC not clear enough

I have a custom build of a Unix OS. My task: Adding an IPSec to the OS. I am working on Phase I, done sending the first 2 packets. What I am trying to do now is making the Identification Payload. I've been reading RFC 2409 (Apendix B) which discuss the keying materials (SKEYID, SKEYID_d, SKEYID_a, SKEYID_e and the IV making). Now, I ...

secure data transport between web server and database server

I'm planning on provisioning a web server and database server in a server farm environment. They will be in the same network but not in the same domain, both windows server 2008 and the database server is sql server 2008. My question being, what is the best way to secure data in transport between the servers? I've looked into IPSEC an...

porting from solaris to linux?

Hi, i am working on ipsecconf command ,by using ipsecconf -a we can Add the IPsec policy to the system as specified by each entry in the file.now i want equivalent command in linux. eg of ipsecconf in solaris: $ipsecconf -a $ ipsecconf -l (Listing of the internal system policy table) #INDEX 9 { rport telnet dir out } ipsec ...

Resources on IPSec and IKE

I have been asked to conduct a study on IPSec and IKE . Can anyone suggest to me good resources to start with . The basics , plus implementations . I do not want to just mug up the protocols . If there are some books or sites which let you make implementations or applications which uses these protocols , it would be helpful. ...

OPENSSL vs IPSEC

Hi guys, just a very general question, but can somebody tell me when I use openSSL and when IPSEC to secure data transfer over the internet? It seems both of them are doing the same, only at different levels of the network protocol. So I am not absolutely sure why we need both of them. Cheers for your help ...

Implementing IPSEC Protocol in java

Hello I want to implement a IPSEC protocol in java. I want to know how to create our own protocol. And how to embedded this protocol with packet. Please provide some code example so that it is easy to understand. ...

What's wrong with those strongswan config files?

Hi I am trying to setup an ipsec tunnel between 2 linux boxes (archlinux) with strongswan 4.4 but I have got errors on both machines that I couldn't solve. moon: ipsec.conf - strongSwan IPsec configuration file basic configuration config setup # plutodebug=all crlcheckinterval=180 strictcrlpolicy=no ...