D&C Lug - Home Page
Devon & Cornwall Linux Users' Group

[ Date Index ][ Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Problems VPNing with IPCop 1.3+patches?



On Wed, 10 Nov 2004 19:59:02 +0000
Grant Sewell <dclug@xxxxxxxxxxxxxxxxxx> wrote:

Cheers!

I'm pretty sure Win2k (which is what the College run) supports IPSec by default... 
I think I remember reading something about that for my MCP 215 exam... at least I 
hope it does!  I certainly won't get permission to install 3rd party software on 
any of their machines, though.

This isn't a vital project anyway.  There is only really one machine that I want 
to be connect over a VPN... my class/lab has 10 machines connected to the College 
network, which uses a Netware proxy (doesn't seem to allow anything except http... 
pah!), 8 machines used for CCNA labs and 1 machine connected to an outside ADSL 
line.  Guess which one I'll be trying to use the VPN on?  It's basically so I can 
be lazy and not bother taking files in to College on my pendrive (or email them to 
myself).

Well, I've enabled the VPN on my IPCop box (VPN IP defaults to red interface IP... 
makes sense); I've setup tcp+udp 500 to be forwarded from the modem/router to the 
IPCop box, but it needs saving+rebooting for the settings to take effect; I am in 
College tomorrow (doing a MSAccess MOS course) so I'll try connecting to the VPN 
tomorrow lunch.

I'll report back on successes/failures.

Thanks Robin.

Grant.


Ok, well I've made no progress what-so-ever.  I've setup the ADSLRouter to forward 
TCP/UDP 500 to my IPCop box.  I've setup the IPCop box to listen on it's red 
interface (which connects directly to the ADSLRouter), and I've setup the left/right 
things as follows (note that I've not found a decent set of docs that describes what 
each is for and how it should be configured for various implementations):

Name:           collegeaccess
Enabled:        yes
Left:           192.168.1.25
Left next hop:  %defaultroute
Left subnet:    192.168.1.0/255.255.255.0
Right:          0.0.0.0
Right next hop: %defaultroute
Right subnet:   0.0.0.0/0.0.0.0
Secret:**************
Compression: off        

Now, as far as I can tell from pulling together different docs, Left is *my* LAN and 
Right is the *other* LAN.  Now, how should I change this so that any IP could access 
the VPN so long as the correct "secret" was given?  Once I've sorted that the 
addresses in here are correct and should work without a hitch, then I'll go back to 
the port forwarding thing.

Thanks again Robin.

Grant.

-- 
Artificial intelligence is no match for nuratal stidutipy.

--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.



Lynx friendly