possibility to connect via IPSec Xauth PSK #69
Comments
Not sure about Xauth - @badnetmask or @ueno do you know? As far as managed host to external one - I believe the recent commit c80969d allows this - can you use the role from GitHub, or would you prefer a Galaxy release?
Xauth requires IKEv1, which has been deprecated since RHEL 8 was released, as well as SHA1, which has been deactivated in the RHEL 9 default crypto policy, so adding support for this feature would require jumping through hoops and loops. As to the case of managed/external hosts, yes, it sounds like what you want has already been implemented by #65 (merged into the main branch, just not released as a package yet).
Alright then, I think that to connect to "old-school" routers I might implement my own new role using the "vpnc" providers, as they mention here too: https://serverfault.com/questions/162603/how-to-connect-to-a-ipsec-vpn-with-preshared-key-and-xauth-from-linux
I will have a look. Is there any sign of this in any of the READMEs? If so, could you provide a reference?
Hmm - the vpn role does support RHEL7 https://github.com/linux-system-roles/vpn/blob/master/meta/main.yml#L15
Fritzbox routers can act as IPsec VPN servers on standard ports, but they required the use of the Xauth PSK protocol since user authentication is needed.
Is it possible to configure the playbook to achieve this?
And also: is it possible to establish a connection between one managed host and an external one, like in this case https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/securing_networks/assembly_configuring-vpn-connections-with-ipsec-by-using-the-rhel-vpn-system-role_securing-networks: