LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Closed Thread
 
LinkBack Search this Thread
Old 01-01-2013, 02:44 AM   #1
a.dehqan
Member
 
Registered: May 2008
Posts: 81

Rep: Reputation: 15
Configuring Debian as ipses vpn server


In The Name of Allah

Hello ;
I have used this guide in this topic to config debian server as ipsec server ,
I just want use server az vpn proxy server , not i a vpn server in LAN with chap authentication ..so i have done steps 1,2 and 3 .
hence my client has dynamic IP ,so some parts should be changed but i dunno how ?

1 - In step 1 , we have this line in file /etc/xl2tpd/xl2tpd.conf :
Code:
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.1.0/24
Should i replace 192.168.1.0 with client dynamic IP ?

2-In step 3 , we have these lines in file /etc/xl2tpd/xl2tpd.conf
Code:
[lns default]
ip range = 192.168.1.10-192.168.1.20
local ip = 192.168.1.1
Should i replace 192.168.1.1 and ip range with client dynamic IP ?

Regards dehqan
 
Old 01-01-2013, 11:29 AM   #2
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 13,837

Rep: Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371
Quote:
Originally Posted by a.dehqan View Post
Hello ;
I have used this guide in this topic to config debian server as ipsec server, I just want use server az vpn proxy server , not i a vpn server in LAN with chap authentication ..so i have done steps 1,2 and 3. hence my client has dynamic IP ,so some parts should be changed but i dunno how ?
Which guide did you follow? The original link is very old, and the updated one it points to (for Ubuntu 10), is also old. There is an updated doc at the Debian wiki...did you try it?
http://wiki.debian.org/IPsec
https://wiki.archlinux.org/index.php...N_client_setup

Quote:
1 - In step 1 , we have this line in file /etc/xl2tpd/xl2tpd.conf :
Code:
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.1.0/24
Should i replace 192.168.1.0 with client dynamic IP ?
No, since that would then disallow that subnet, as it says in the documentation. That is defining the network range of addresses for incoming clients.
Quote:
2-In step 3 , we have these lines in file /etc/xl2tpd/xl2tpd.conf
Code:
[lns default]
ip range = 192.168.1.10-192.168.1.20
local ip = 192.168.1.1
Should i replace 192.168.1.1 and ip range with client dynamic IP ?
No, please re-read the documentation. The IP range is the range of addresses that is given to the clients...the documentation says that very clearly. The local IP address. There is even a man page for that file...have you consulted it?
http://linux.die.net/man/5/xl2tpd.conf

It explains what each field does.
 
1 members found this post helpful.
Old 01-02-2013, 02:55 AM   #3
a.dehqan
Member
 
Registered: May 2008
Posts: 81

Original Poster
Rep: Reputation: 15
Hello ;

Thanks for your attention;
I checked both guides there is no differences except openswan versions ... that it does not matter for me that i'm installing openswan from debian repositories on debian.

There is a Debian VPS server that i want use it as VPN server to bypass filtering so this works as a proxy server ,not a local vpn server ,
That ubuntu guide that i used is configuring a local vpn server in a local network , so 1 - i don't need all steps , so i just done steps 1,2,3 for my aim and i just edited server IP , and have changed ipsec.conf for chap authentication :
require chap=yes

Then i have restarted ipsec and x2lptd daemons on server and hve created a vpn connection on windows 7(a client on the internet) with username and password ...
but it does not connect and gives error
i checked server auth.log that is like this http://hpaste.org/80026

How to fix the problem ?

Last edited by a.dehqan; 01-02-2013 at 03:00 AM.
 
Old 01-02-2013, 12:11 PM   #4
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 13,837

Rep: Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371Reputation: 2371
Quote:
Originally Posted by a.dehqan View Post
Hello ;
I checked both guides there is no differences except openswan versions ... that it does not matter for me that i'm installing openswan from debian repositories on debian.

There is a Debian VPS server that i want use it as VPN server to bypass filtering so this works as a proxy server ,not a local vpn server ,
That ubuntu guide that i used is configuring a local vpn server in a local network , so 1 - i don't need all steps , so i just done steps 1,2,3 for my aim and i just edited server IP , and have changed ipsec.conf for chap authentication :
require chap=yes

Then i have restarted ipsec and x2lptd daemons on server and hve created a vpn connection on windows 7(a client on the internet) with username and password ...
but it does not connect and gives error
i checked server auth.log that is like this http://hpaste.org/80026

How to fix the problem ?
You fix it by following the instructions. You can't pick and choose which steps to follow. Also, since you're asking about how to bypass filtering (what KIND of filtering you don't say), that's against the LQ Rules. Aside from the legal issues, you do realize that if you're caught at your job, you could get fired, right?

And did you try to look this error up?
https://lists.openswan.org/pipermail...il/020337.html
 
Old 01-03-2013, 11:37 PM   #5
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Evading filtering could be harmful to your company, and as such is in violation of the LQ rules.
http://www.linuxquestions.org/linux/rules.html

This thread is closed.
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
vpn-vpn Bridge between two networks (1x Debian Server, 1x Cisco RVS4000) qawse Linux - Networking 2 01-14-2011 01:16 AM
configuring a VPN Server on Ubuntu senkenzi Linux - Networking 1 02-17-2009 01:32 PM
Help required for configuring the VPN Server in Linux mikdadhussain Linux - Security 0 11-19-2006 08:29 AM
VPN server in Linux (help with configuring) Mr.Ampersand() Linux - Software 1 01-31-2005 01:04 AM


All times are GMT -5. The time now is 12:36 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration