On IPCOP machine side (server)Under the VPNs tab, enable the VPN on BLUE checkbox. Click Save.
Create your host/root certificates by clicking on the Generate Root/Host certificates button. After creation, there are two lines. First line is Root certificate. The subject line should be something like: C=US, O=My Network, CN=My Network CA. You'll need this info later.
Add a new connection (on the same page). Select host-to-net (road warrior) connection. Give it a name like BlueNetwork. Interface (obviously) should be blue. Local subnet should be 0.0.0.0/0.0.0.0 (this will give you access to the green and red networks). For authentication, I am using a pre-shared key, so I make sure that that line has the selected radio buttona and Fill in password. Click Save.
On Ubuntu machine side (client)
Install OpenSwan
$ sudo apt-get install openswan (to get Openswan installed)
Edit file /etc/ipsec.conf and paste the below script after "# Add connections here"
++++++++++++++
conn bluenetwork
left=%defaultroute
right=x.y.z.w
rightsubnet=192.168.1.0/255.255.255.0
authby=secret
auth=esp
pfs=yes
compress=no
auto=add
Note (1): replace x.y.z.w with the public IP of the IPCop VPN you
want to access
Note (2): change rightsubnet as per the internal network (GREEN)
behind the IPCop firewall
Note (3): you can change "bluenetwork" to another name if you want to
In your /etc/ipsec.secrets you just need:
=========================================
: PSK "pre-shared key defined in the IPCop VPN"
To start IPsec:
# /etc/init.d/ipsec start
To stop IPsec:
# /etc/init.d/ipsec stop
To bring up the VPN tunnel:
# ipsec auto --up myvpn
To bring down the VPN tunnel:
# ipsec auto --down myvpn
Hopely success full :)
Thank to "whitelover"
6 comments:
hi, cool post! It works perfectly. Now i can use my VPN with Ubuntu! :D
Hi I'd like to thank you for such a great made forum!
thought this is a perfect way to introduce myself!
Sincerely,
Hilary Driscoll
if you're ever bored check out my site!
[url=http://www.partyopedia.com/articles/bowling-party-supplies.html]bowling Party Supplies[/url].
This is my first post I'd like to congratulate you for such a great made forum!
thought this would be a perfect way to introduce myself!
The best way establish assets it is usually a wise conclusion to begin a savings or investing plan as soon in life as obtainable. But don't fear if you have not began saving your capital until later on in life. With honest work, that is experimenting the best investment vehicles for your assets you can slowly but surely increase your wealth so that it adds up to a big sum by the period you hope to retire. Scout out all of the accessible asset classes from stocks to real estate as investments for your money. A researched and diversified portfolio of investments in a wide range of asset classes can make your money age throughout the years.
-Avis Christon
[url=http://urwealthy.com]currency conversion [/url]
Can you recommend the most popular Remote Management & Monitoring tool shareware?
I searched the web and found the following:
Kaseya.com
GFI.com
Logmein.com
They all look different... Does anyone has a priority?
By the way did anyone try that software:
N-able remote desktop software ?
Are you doing this on a 64 or 32 bit system? I've been unable to keep the tunnel up long enough under a 32 kernel to set the routes up before it closes. (I must admit to not investigating very hard) On my 64 bit workstation I have no such issues.
VPN
Post a Comment