LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 06-04-2009, 09:41 AM   #1
adithya24
LQ Newbie
 
Registered: Sep 2008
Posts: 9

Rep: Reputation: 0
Establishing a VPN connection (host to host) using IPSec services


Hi,i would like to establish a VPN connection which can hold either 'two' hosts..and secondly if that's done i would like to go for more number of users..Can i do it using IPSec services??if yes then how??

Please let me know..

Cheers!
 
Old 06-04-2009, 02:05 PM   #2
grepmasterd
Member
 
Registered: Aug 2003
Location: Seattle
Distribution: ubuntu, lately
Posts: 182
Blog Entries: 1

Rep: Reputation: 35
openswan for ipsec, openvpn for ssl-vpn.
 
Old 06-05-2009, 12:06 AM   #3
adithya24
LQ Newbie
 
Registered: Sep 2008
Posts: 9

Original Poster
Rep: Reputation: 0
Question Establishing a VPN connection (host to host) using IPSec services Reply to Thread L

You mean to say go into the terminal and type those commands??
 
Old 06-05-2009, 10:17 AM   #4
grepmasterd
Member
 
Registered: Aug 2003
Location: Seattle
Distribution: ubuntu, lately
Posts: 182
Blog Entries: 1

Rep: Reputation: 35
no, sorry. vpn's generally take some setup on both ends. see documentation at http://www.openswan.org and http://www.openvpn.org. most linux distros will have the software already compiled and ready to install, via yum/rpm or apt-get, etc, so don't bother downloading the software from those sites unless you need to.
 
Old 06-06-2009, 01:21 AM   #5
adithya24
LQ Newbie
 
Registered: Sep 2008
Posts: 9

Original Poster
Rep: Reputation: 0
Question establish a VPN connection using IPSec

i tried 'sudo apt-get install openswan' as you said but it says :

adithya@ubuntu:~$ sudo apt-get install openswan
[sudo] password for adithya:
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package openswan
adithya@ubuntu:~$

It shoud work for 'openvpn' because it suggested me to install 'openvpn' using apt-get..but will it provide IPSec services??

What should i do?

Adithya.
 
Old 06-06-2009, 09:53 AM   #6
grepmasterd
Member
 
Registered: Aug 2003
Location: Seattle
Distribution: ubuntu, lately
Posts: 182
Blog Entries: 1

Rep: Reputation: 35
openvpn is ssl-vpn only. if you need ipsec then use openswan.

Openswan is there, I use it on my ubuntu systems. If you can't find it, search for it at http://packages.ubuntu.com/ to find out which repository to use. To do that, edit /etc/apt/sources (uncomment the appropriate lines) and run 'apt-get update', then 'apt-get install openswan'
 
Old 06-09-2009, 01:49 AM   #7
adithya24
LQ Newbie
 
Registered: Sep 2008
Posts: 9

Original Poster
Rep: Reputation: 0
Question Establishing a VPN connection (host to host) using IPSec services

I have installed openswan using what you said..but in the network connections when i say 'edit connections' and go to 'VPN tab' there are two options 'openvpn' and 'PPTP' which i had already installed ..how do i get VPN with IPSec (i.e. what i installed using 'openswan')..Do i need to use the 'import' option ? If yes then how do i import??What is the procedure for X.509 certification??

After installing openswan it said that the connections to the internet will be slow! Why??

I installed openswan as follows:

adithya@ubuntu:/$ sudo apt-get install openswan
Reading package lists... Done
Building dependency tree
Reading state information... Done
openswan is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 107 not upgraded.
adithya@ubuntu:/$

Adithya.
 
Old 06-09-2009, 08:17 AM   #8
grepmasterd
Member
 
Registered: Aug 2003
Location: Seattle
Distribution: ubuntu, lately
Posts: 182
Blog Entries: 1

Rep: Reputation: 35
unfortunately I cannot help you learn openswan in a single forum thread. But I'll address your points.

VPN tab -- I don't know what distro or desktop you are using, but I assume that if ipsec is not showing up in your UI, then the UI does not support it. You will have to just edit the configuration files directly.

X509 is complex, please refer to the documentation.

Quote:
After installing openswan it said that the connections to the internet will be slow! Why??
Where does it say that? This is not generally true.

Quote:
adithya@ubuntu:/$ sudo apt-get install openswan
...
openswan is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 107 not upgraded.
Good, it appears that it was already installed. You should be ready to start, but be prepared to read as there are numerous ways to configure openswan ipsec. Also be ready to build and edit configuration files using a text editor.

good luck.
 
Old 06-10-2009, 08:08 AM   #9
adithya24
LQ Newbie
 
Registered: Sep 2008
Posts: 9

Original Poster
Rep: Reputation: 0
Unhappy Establishing a VPN connection (host to host) using IPSec services

I am using ubuntu 9.04 (Jaunty Jackalope Desktop version).I am still not able to configure VPN using IPSec as it doesn't show up in the extreme right top corner's Network Manager's VPN Tab.So i went for openvpn and VPN using PPTP..These two show up when i say 'Add' through Network Manager's VPN Tab..Then it says "Choose VPN connection type"..I selected PPTP..Then it asked me for 'gateway'..'username and password' which is optional..along with NT domain..What do i enter in these fields??I went into Advanced Tab and checked MPPE..and also checked "Connect automatically"..yet it doesn't show it connected..

My "DSL Connection" is working fine though..What can be the problem??

Please help.

Adithya.
 
Old 06-10-2009, 08:44 AM   #10
grepmasterd
Member
 
Registered: Aug 2003
Location: Seattle
Distribution: ubuntu, lately
Posts: 182
Blog Entries: 1

Rep: Reputation: 35
by simple google searches on "gnome network manager vpn ipsec" I found the following:

from http://projects.gnome.org/NetworkManager/admins/
Quote:
VPN

NetworkManager has pluggable support for VPN software, including Cisco compatible VPNs (using vpnc), openvpn, and Point-to-Point Tunneling Protocol (PPTP). Support for other vpn clients is welcomed. Simply install the NetworkManager VPN plugin your site uses, and pre-load the user's machines with the VPN's settings. The first time they connect, the user will be asked for their passwords.
from http://www.nabble.com/Generic-IPSEC-...d22928260.html

Quote:
> Is there, or is there planned, a generic IPSEC vpn plugin for
> NetworkManager?
> ...

Openswan has a GSoC project submission for this. One of the issues is
the architecture of NM, which focusses on user-based, and the the
architecture of ipsec, which is host-based. This creates some issues,
one of which is where and how to store and pass user/host credentials.
At this point I think you need to do your own homework. You're asking me to teach you to drive by exchanging forum posts. VPNs can be complex and are network-specific, there is no one-size-fits-all solution. I thought you needed IPsec, but if any encrypted connection will do then consider ssh.

From here, you should:
  • learn about vpns
  • figure out what you are trying to set up with your systems in terms that vpn admins use : "VPN connection which can hold either 'two' hosts" doesn't make any sense.
  • use the simplest solution that will work for you

good luck.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
connection host-server-host pako0 Linux - Networking 1 10-03-2006 08:37 PM
How would I go about establishing a VPN connection from IPCop to my server? RZKESP Linux - Networking 2 06-22-2006 09:16 PM
VPN in/nix passing connection to another host. phatboyz Linux - Networking 0 12-31-2004 09:14 AM
Linux VPN - IPSEC connection for client? jon3k Linux - Networking 2 12-08-2003 12:47 AM
How to configure Host-to-Host IPSec (Free SWAN) gpagedar Linux - Security 2 10-18-2003 05:22 AM


All times are GMT -5. The time now is 10:20 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration