How to circumvent the "Assistant" secpol.msc and configure State IPsec (esp, spi, enc, auth-trunc) and political (src, dst, in, on, fwd) directly as in the ip-xfrm Linux command?

Right off the bat, the wizard tells me that I can't use a multicast address, when it is the only destination I am interested in security.  Here is exactly what I want to do - no more, no less (although I can use the mode of transport instead of tunnel at some point):

#! / bin/bash

Echo 2 >/proc/sys/net/ipv4/conf/eth0/force_igmp_version

# NOTE: To avoid the possibility of breaking IGMPv2 snooping, src should ONLY be defined for SHIPPERS, NOT for RECEIVERS!  Otherwise, joins will be compromised by the IPsec encryption and the switch will not detect them.

IP xfrm State flush; IP political xfrm hunting

State of xfrm IP add src 10.0.2.15 dst 239.192.1.1 proto esp spi 0x54c1859e tunnel mode reqid 0x67cea4aa auth-trunc hmac\ (sha256\) 128 0xc8a8bf5ce6330699c3500bd8d2637bc1fa26929bab747d5ff2a1c4dddc7ce7ff enc cbc\ (aes\) 0xfdce8eaf81e3da02fa67e07df975c0111ecfa906561e762e5f3e78dfe106498e # aead rfc4106\ (gcm\ (aes\) \) 0x123456789abcdef0baddeed0deadbeeffeedface900df00d0fedcba987654321 128 #Error: duplicate 'ALGO-TYPE': 'aead' is the second value.

xfrm IP strategy add 10.0.2.15 src 239.192.1.1 dst dir output stat CBC 10.0.2.15 dst 239.192.1.1 proto reqid 0x67cea4aa tunnel mode esp

xfrm IP policy add 10.0.2.15 src 239.192.1.1 dst dir in src 10.0.2.15 stat dst 239.192.1.1 proto reqid 0x67cea4aa tunnel mode esp

xfrm IP strategy add 10.0.2.15 src dst 239.192.1.1 dir fwd stat 10.0.2.15 src dst 239.192.1.1 proto reqid 0x67cea4aa esp tunnel mode

A graphical interface which requires me to work in step by step mode (in particular to implement a relatively simple configuration of the shared key) with no idea of what irrelevant or confusing questions await us doing me no favor.  And while this computer uses Windows 7, the eventual target can use something older or newer.  I want to do is create the portable equivalent of a preferred scenario, no instructions to repeat the time-consuming and confusing.  This approach exist?  (I already checked cygwin and there seems to be no support for the ip packet, and even if there were, it seems not support sudo is.)

Hello

Thank you for visiting Microsoft Community and we provide a detailed description of the issue.

I suggest you to send your request in the TechNet forums to get the problem resolved.

Please visit the link below to send your query in the TechNet forums:

https://social.technet.Microsoft.com/forums/en-us/home?category=WindowsServer

Hope this information is useful. Please come back to write to us if you need more help, we will be happy to help you.

Tags: Windows

Similar Questions

  • How to remove the old drivers (hidden) command line?

    Hello

    I want to try to remove all the hidden command prompt devices. There is a way to this topic?

    For example;

    type driverquery on cmd and sort all the lists of hidden devices

    After that type Remove any device (for example) and remove this hidden device

    Thank you.

    Enbiya salvation,

    Thanks for posting in the Microsoft Community.

    You can manually remove hidden devices by following the steps below.

    1. press the key Windows + X key, then select "Device Manager".

    2. from there, select the view > show hidden devices.

    3. now, select the hidden device > right click and select "Uninstall" to permanently delete or 'Disable' to disable the device.

    To find the command prompt commands and settings command line of how to do the same with the command prompt, you can follow the link below and check if it helps.

    Windows Device Console (Devcon.exe)

    https://msdn.Microsoft.com/en-us/library/Windows/hardware/ff544707 (v = vs. 85) .aspx

    Please let us know if the problem is resolved or you need additional assistance.

  • How to get the DBCA in Linux environment

    Hello

    I hv installed Oracle 10 g on SuSe Linux and works very well with the web console
    (http://machine-name:1158 / em /)

    but I hv problems to get the oracle tools that appear in the start menu in the windows installation.
    (DBCA, Net Manager, isqlplus etc..)

    So, how to get the DBCA and other oracle 10g tools in the Linux environment.

    thanx

    Set your path env variable in your .bashrc or .bash_profile file

    export PATH = $ORACLE_HOME/bin: $PATH

    Then just issue the command at the command prompt

    dbca Linux]
    netmgr Linux]

    NB: If you are on a remote computer, you must set the DISPLAY variable too

    or you can directly in your bin folder where you can see all the utilities... you can run it as

    Linux]. / dbca

    Concerning
    Nishant

  • How to write the output of RMAN commands to a log file

    Hi DBAs,

    I must only newspapers archive backup too manually by pulling the controls in the RMAN session without running any script backup.

    The orders happens this way:

    run

    {

    allocate channels ch01 type disk maxpiecesize 7000 M;

    allocate channels ch02 type disk maxpiecesize 7000 M;

    BACKUP tag ArchLogAll FILESPERSET FORMAT of 20 ' / oracledbbackupset/archive_log_bkp_2014_06_18/d_%d_s_%s_p_%p_t_%t.bkp' ARCHIVELOG

    FROM 4410 SEQUENCE AS A SEQUENCE 4599 THREAD 1 REMOVE ALL ENTRIES;

    Ch01 CHANNEL;

    OUTPUT CHANNEL ch02;

    }

    Now, I want the output of these commands to write to a log file in the location /temp/arch.log in parallel executing above commands. I don't care?

    Kind regards

    Ritu

    See the RMAN command SPOOL LOG TO

    http://docs.Oracle.com/CD/E11882_01/backup.112/e10643/rcmsynta2017.htm#RCMRF156

    Hemant K Collette

  • Presario cq42: how to circumvent the systems disable & admin password Compaq presario cq42

    Hey, can someone help me. I get this message
    Enter the password administrator or power on password.

    System to disable the code 85787153

    I'm sorry for my bad English.

    Enter the following unlock code

    30685195

    Once you have done this, be sure and remove the BIOS admin password for this not hanppen not yet.

  • 15 - f039: how to circumvent the systems disable & admin password [new]

    I have a computer when you turn it on the screen is black and has a blue box that says enter password administrator or power on password. After that 3 attempts he said disabled system and has a code of 51022371. It is my mother, she is not sure what happened to fire not go up more and do not remember something about a password. Help, please! Thank you!

    Hello

    Come in:

    44980977

  • How to freeze the quick sign in command-line executable is runing

    Hello

    I have an executable file, that I compiled in Labview and I run from the line of command (CMD) as part of a sequence of commands.

    The command line may look like this example:

    Order #1

    Order #2

    MyLabviewFile.exe

    Order #3

    Order #4

    ....

    Once the exe starts, it works for about 1 minute.

    The problem is that the command line is not locked while the executable is runing and the following command (No. 3 in the example) is sent before the end of the executable. This can be a problem.

    I have to 'freeze' lock the quick sign while the executable is runing and/or have some sort of indication to the INTERIOR of THE LINE of COMMAND when the executable ends. Or any other way to do the #3 command starts only when the executable ends.

    Does anyone have an idea how to do this?

    Instead of using

    MyLabVIEWFile.exe

    use

    cmd /C MyLabVIEWFile.exe

    This will cause the sequence of order hang until the end MyLabVIEWFile.exe of execution.  If your exe/path has spaces, you will need to put quotes around it as such:

    cmd /C "MyLabVIEWFile.exe."

  • HP LaserJet P2050 Series PCL6: How to print the mark using PCL commands

    Our old system is printing of document using PCL commands, previously, only contanins text and barcode (using BARDimm), but we need now to print the mark registered with the name of the company, that the police should I use which has this symbol? Thank you.

    Assuming that your old system uses PCL5. You must first issue a set of symbol code that has a mapping to the registered symbol.  The Windows Latin 5 symbol set has the R symbol maps to chr (174) or (0xAE) said in

    Hex. The first publication of the code for the symbol set...

    (5 T

    and then the character itself

    0xAE

    Now that the characters cannot be entered directly on the keyboard, then you will need to find a way to integrate the character in your print workflow.

    Before the character himself is printed, you should choose a font. For most, if not all, printer fonts probably supports this defined symbol. For the test I used the arial font and it printed fine. The code for arial 12 pt would be...

    (s1p12v0s0b16602T

    Specify police, symbol set and finally the character. When you printed the character that you'll want to come back to the police in the use and the previous symbol set OR you can print the symbol as a secondary font. If you don't know how, ask here.

    I now have the idea how you would do this with PCL6. @dansdaduk can give you good (or bad) news on that.

  • How to fix the bad or missing command interpreter enter the command shell complete

    When I turn the computor says incorrect or missing cmmand interpreter enter the complete command line. How can I fix it?

    Hello

    1 when was the last time it was working fine?

    2. are you able to boot to the desktop?

    3 did you a recent software or changes to the material on the computer?

    Method 1:

    I suggest you try to use the last good known Configuration and try to boot to the desktop.

    Using the last good known Configuration

    http://Windows.Microsoft.com/en-us/Windows-Vista/using-last-known-good-configuration

    I suggest to try to start the computer in safe mode and check.

    Method 2:

    Step 1:

    Start your computer in safe mode

    http://Windows.Microsoft.com/en-us/Windows-Vista/start-your-computer-in-safe-mode

    Step 2:

    This could happen if one of the substantive programmes is in conflict with the proper functioning of your computer. To help resolve the error and other messages, you can start Windows Vista by using a minimal set of drivers and startup programs. This type of boot is known as a "clean boot". A clean boot helps eliminate software conflicts.

    How to troubleshoot a problem by performing a clean boot in Windows Vista or Windows 7 http://support.microsoft.com/kb/929135

    Note: when you are finished troubleshooting, follow step 7, mentioned in the article to start the computer to a normal startup.

    If you area able to isolate the application that could be causing the problem, I suggest you uninstall and check.

    Method 3:

    You can also try the steps mentioned in the link and check out them.

    What to do if Windows does not start correctly

    http://Windows.Microsoft.com/en-us/Windows-Vista/what-to-do-if-Windows-wont-start-correctly

    Important: System Restore affects the Windows system files, programs and registry settings that have been changed recently. It can also make changes to scripts, files, batch and other types of executable files on your computer. System Restore does not affect personal files, such as e-mail, documents, or photos, so it cannot help you restore a deleted file.

    If you use system restore when the computer is in safe mode, you cannot undo the restore operation. However, you can run System Restore again and choose a different restore point if any. You can also create Safe Mode system restore points. System Restore affects the Windows system files, programs and registry settings that have been changed recently. It can also make changes to scripts, files, batch and other types of executable files on your computer. System Restore does not affect personal files, such as e-mail, documents, or photos, so it cannot help you restore a deleted file.

    Hope this helps and keep us informed if you need help.

  • How to decrease the disk hard Linux operating system

    Hello everyone!


    My 4.1 infrastructure

    vCenter

    Cluster with 4 ESXi host

    I installed a VM with OS Linux Centos.

    I attributed a 20 GB of space on its hard drive.

    Virtual machine works ok. But I would like to reduce his hard drive. I want to decrease up to 10 GB.

    I don't know how. Anyone know?

    I think the only way is to use the conversion application with the power - line-machine option

    Thank you very much!!

    Jose.

    VMware converter would be the best option with the option of HDD resize at the end another way is affecting your current VMDK THIN and you will be liberated from the unused space.

  • How to apply the VMware-tools-linux - 8.3.2 - 257589.iso to ESXi 4.1 CD Version?

    Hi I'm new to ESXi. I downloaded the CD Version of ESXi 4.1 and installed chickadee on a server.

    When I tried to apply the VMWare Tools in a Linux guest I get error of vShere customer:

    ' / usr/lib/vmware/isoimages/linux.iso' not found

    • Need the ISO Image is not installed *.

    I searched the forums and found that VMWare-Tools are only in the DVD Version, but not in CD version

    to ESXi 4.1.

    In VMWare download area I found VMWare-Tools for Linux OSes', after the download, I get:

    Iso VMware-tools-linux - 8.3.2 - 257589.iso contains:

    VMWARETO. TGZ

    MANIFESTO. TXT

    How to apply this driver/patch my ESXi Server?

    Thanks for the help!

    With ESXi 4.1, you have an option for "Image CD VMware Tools for operating systems invited ISO Linux", for more information, please visit http://kb.vmware.com/kb/1024047

    Hope this helps!

    If you have found this or other useful information, please consider awarding points to 'Correct' or 'useful '.

    f 10

    VCP3, VCP4, HPCP, HP UX CSA

    http://KB.VMware.com/

  • NB100 - how to upgrade the BIOS using Linux

    I have searched all afternoon to update the bios on my linux and could not find one thing that works.

    Someone did he do with the more technical?
    Any help or walk through would be great

    I managed to get the BIOS update work. Simply retrieve the machine and install the BIOS update, as a kind of kernelmodule is modified by the update of the system which is responsible for enforcing BIOSupdate.

    After recovering (without applying a system update) just immediately update the BIOS.

    Welcome them
    Dennis

  • How to get the latest tools of command line for Mountain Lion

    Hello community.

    I have a MacBook Pro withSoftware OS X 10.8.5 (12F2560)
    It is according with Mountain Lion:

    I use Homebrew, he requested updated command line tools

    Now I'm on https://developer.apple.com/downloads/ and looking at Command Line Tools , the latest update for my OS version is April 2014 (see picture)

    So I'm not able to do a new update. Given that my OS is old.

    I just installed Xcode by https://developer.apple.com/downloads . And only used or needed for Homebrew.

    What can I do to get a new update?

    Thank you.

    Upgrade the operating system if you want to have access to latest updates.

    Make sure your computer is compatible with Lion mountain, Mavericks, Yosemite, El Capitan.

    To check the model number and hold the option/Alt hold, go to the Apple menu and select system information.

    MacBook Pro (Mid/Late 2007 or newer) model number 3.1 or later version

    Your Mac needs:

    Installation of OS X 10.6.8 or OS X Lion

    2 GB or more of memory (more is better - minimum 4 GB seems to be the consensus)

    8 GB or more of available space

    Check to make sure that your applications are compatible. PowerPC applications are no longer supported after 10.6.

    Application compatibility

    (2) application compatibility

    Information on the compatibility of 10.11 El Capitan

    Make a backup before installing, preferable 2 backups on 2 different disks.

  • How to reset the windows password using command line in windows 7

    I tried net user Geek crazy * to reset the password but it has not worked. How can I reset it using the command line

    www.beingpc.com

    D:\Users\admin>NET user "xxxx xxxx" xxxx xxxx

    -> "xxxx xxxx" is a placeholder...

    Try this instead:

    NET user 'user %%nom' MyNewPassword

  • How to hide the "ps - ef" RMAN command-line args command?

    Hello

    This isn't RMAN question by saying, but it is related to my RMAN script. Part of this RMAN script is below:

    RMAN target / catalog log ${RMANID}/${RMANPW}@${RMANSID} = ${TMPFILE} < < EOF

    When the script runs, if I run ' ps - ef | the command grep rman"(of my own code as 'oracle' user or user), I see following:

    Oracle 32522 32492 36 15:32 pts/100:00:01 rman target / catalog rman/rman2013@rmancat log = / tmp/oratmp32492

    Is it possible to hide the values of variables (Id, Pwd, SID) of the "ps - ef" command?

    Otherwise, any other an alternates?

    Best regards

    I changed my script and broke the order by following two lines, and now I don't see the username / password when I run "ps - ef" command:

    From:

    RMAN target / catalog log ${RMANID}/${RMANPW}@${RMANSID} = ${TMPFILE}<>

    TO:

    RMAN target / log = ${TMPFILE}<>

    Connect catalog ${RMANID}/${RMANPW}@${RMANSID}

    Thank you!

Maybe you are looking for