Ubuntu Linux laptop roadwarrior to IPCop VPN 1.4.6
frederic at wallaby.uklinux.net
Thu Jul 21 20:20:14 UTC 2005
Ok I got it working as follows:
I connected to the IPCop 1.4.6 VPN using a pre-shared key from my
laptop running Ubuntu Linux (Hoary) 5.0.4 over a wireless connection!
You need to install OpenSwan.
$ sudo apt-get install openswan
Here is a link from which I got most of the info
In your /etc/ipsec.conf:
Note (1): replace x.y.z.w with the public IP of the IPCop VPN you
want to access
Note (2): change rightsubnet as per the internal network (GREEN)
behind the IPCop firewall
Note (3): you can change "myvpn" to another name if you want to
In your /etc/ipsec.secrets you just need:
: PSK "pre-shared key defined in the IPCop VPN"
To start IPsec:
# /etc/init.d/ipsec start
To stop IPsec:
# /etc/init.d/ipsec stop
To bring up the VPN tunnel:
# ipsec auto --up myvpn
To bring down the VPN tunnel:
# ipsec auto --down myvpn
Works a treat. Enjoy!
On 21 Jul 2005, at 12:37, Eric S. Johansson wrote:
> Frederic Soulier wrote:
>> I've an IPCop firewall 1.4.6 setup with VPN activated with a pre-
>> shared key.
>> I can connect to it without problem using IPSecuritas from a Mac
>> OS X roadwarrior or TheGreenBow VPN from a Windows XP Pro
>> roadwarrior but so far no luck with connecting from a Linux
>> roadwarrior running Ubuntu Hoary (5.0.4)...
> as they say, two out of three isn't bad... unless you're the one.
>> Ubuntu laptop (using a wireless Netgear WG511 card):
>> IP: 192.168.0.121
>> $ sudo apt-get install openswan (to get Openswan installed)
> I wonder if part of the problem might be that IPCop is still on 1.x
> openswan. we really need to upgrade.
>> conn office
>> right=<public IP of the IPCop VPN>
> I suggest taking this problem to the IPCop users mailing list. I'd
> also like to see the full configuration you are using.
>> Then I try to bring the connection up
>> $ sudo ipsec auto --up office
>> 104 "office" #1: STATE_MAIN_I1: initiate
>> 010 "office" #1: STATE_MAIN_I1: restransmission; will wait 20s
>> for response
>> 010 "office" #1: STATE_MAIN_I1: restransmission; will wait 40s
>> for response
>> So I just Ctrl-C here because it does do anything good.
>> Trying to ping my internal netwwork gives:
>> connect: Resource temporarily unavailable
>> I have to stop IPsec to get my network back...
>> $ sudo /etc/init.d/ipsec stop
>> Any info would be appreciated. Thanks.
> you have more problems than just IPsec. For example, when you turn
> on IPsec what happens to the routing? use netstat -nr
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
Frederic P. Soulier
OpenPGP key available on http://pgpkeys.mit.edu/
1024D/BA6700ED 49A6 8E8E 4230 8D41 1ADE B649 3203 1DD2 BA67 00ED
More information about the ubuntu-users