LinuxQuestions.org


Salgeras 09-27-2007 01:28 PM

Problem:VPN wireless connection with OpenSwan on Slackware 12.0
 
So, I'm trying to set up a VPN wireless connection on Slackware 12.0. I have a laptop; the LAN card is a Realtek 8139, which is connected to a TL-WA501g with a simple LAN cable. Further on, the AP is connected to an antenna. Just to mention that this is for "home" use.

Searching this forum, I've found a link to http://wiki.openswan.org/, and I've successfully installed OpenSwan. After installation, I verified the connection with 'ipsec verify', and it was [OK] for all, except OpportunisticEncryption, which is [DISABLED]. Anyway, I've started Firefox and managed to open the home page of my WiFi provider. But when I try to open any other site, FF always opens the home page of my WiFi ISP. So I checked /etc/ipsec.conf and there is no defined connection. Unfortunately, I don't know how to set a connection. I've read the docs on http://wiki.openswan.org, but now I'm confused.

This is what "ipconfig /all" from windows says:
Code:

Windows IP Configuration
        Host Name . . . . . . . . . . . . : salgeras
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:
        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
        Physical Address. . . . . . . . . : <**>
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 10.200.125.175
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.200.125.1
        DHCP Server . . . . . . . . . . . : 10.200.125.1
        DNS Servers . . . . . . . . . . . : 10.200.1.30
        Lease Obtained. . . . . . . . . . : Thursday, September 27, 2007 12:18:01 PM
        Lease Expires . . . . . . . . . . : Sunday, September 30, 2007 12:18:01 PM

PPP adapter KBCnet:
        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : <**>
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 195.252.105.191
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 195.252.105.191
        DNS Servers . . . . . . . . . . . : 10.200.1.30
                                            194.106.162.2

I don't know how to set a connection, since there are 2 different GWs and IPs.
So, my question is: can someone help me to set a connection in /etc/ipsec.conf by using these parameters?

Just to mention that IP assignment comes from DHCP. KBCnet is my ISP.

Thanks in advance!!!

perry 09-27-2007 07:58 PM

Not sure I can help you, but you can take a look at my thread for ideas on your situation.

- perry

Salgeras 10-05-2007 02:46 AM

I've discovered a very important thing: my ISP uses PPTP, not IPSEC :)
I've followed the instructions from http://slackworld.berlios.de/2007/Linux2MS-VPN.html; this is what I did:
- installed PPTP
- kernel: everything that was needed for PPP had already been defined through modules (kernel 2.6.22.5), but, just in case, I've recompiled the kernel again; everything went fine, successfully booted Slackware
- edited the files which are needed for PPP as it was said
- after starting the connection, an error occurs and the connection terminates

These are the files which take part in this story:
1) /etc/ppp/options.pptp
Code:

lock
noauth
# We won't do EAP, CHAP, or MSCHAP, but we will accept MSCHAP-V2
refuse-eap
refuse-chap
refuse-mschap

nobsdcomp
nodeflate

2) /etc/ppp/peers/kbc
Code:

pty "pptp vpn1.kbcnet.co.yu --nolaunchpppd"
  name Salgeras
  remotename PPTP
  require-mppe-128
  file /etc/ppp/options.pptp
  ipparam kbc

3) /etc/ppp/chap-secrets and /etc/ppp/pap-secrets
Code:

# client    server      secret            IP addresses
  Salgeras      PPTP    <password>                *

This is the error after starting connection:
Code:

root@darkstar:~#  sh /usr/doc/ppp-2.4.4/scripts/pon kbc debug dump logfd 2 nodetach
pppd options in effect:
debug          # (from command line)
nodetach                # (from command line)
logfd 2        # (from command line)
dump            # (from command line)
noauth          # (from /etc/ppp/options.pptp)
refuse-chap            # (from /etc/ppp/options.pptp)
refuse-mschap          # (from /etc/ppp/options.pptp)
refuse-eap              # (from /etc/ppp/options.pptp)
name Salgeras          # (from /etc/ppp/peers/kbc)
remotename PPTP        # (from /etc/ppp/peers/kbc)
                # (from /etc/ppp/options.pptp)
pty pptp vpn1.kbcnet.co.yu --nolaunchpppd              # (from /etc/ppp/peers/kbc)
crtscts        # (from /etc/ppp/options)
                # (from /etc/ppp/options)
asyncmap 0              # (from /etc/ppp/options)
lcp-echo-failure 4              # (from /etc/ppp/options)
lcp-echo-interval 30            # (from /etc/ppp/options)
ipparam kbc            # (from /etc/ppp/peers/kbc)
proxyarp                # (from /etc/ppp/options)
nobsdcomp              # (from /etc/ppp/options.pptp)
nodeflate              # (from /etc/ppp/options.pptp)
require-mppe-128                # (from /etc/ppp/peers/kbc)
using channel 1
Using interface ppp0
Connect: ppp0 <--> /dev/pts/2
rcvd [LCP ConfReq id=0x1 <mru 1400> <asyncmap 0x0> <auth pap> <magic 0x9c5dc7c6> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x768b4be1> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <asyncmap 0x0> <auth pap> <magic 0x9c5dc7c6> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x768b4be1> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0x768b4be1]
sent [PAP AuthReq id=0x1 user="Salgeras" password=<hidden>]
rcvd [LCP EchoReq id=0x0 magic=0x9c5dc7c6]
sent [LCP EchoRep id=0x0 magic=0x768b4be1]
rcvd [LCP EchoRep id=0x0 magic=0x9c5dc7c6]
rcvd [PAP AuthAck id=0x1 "64/74\n"]
Remote message: 64/74^J
PAP authentication succeeded
MPPE required, but MS-CHAP[v2] auth not performed.
sent [LCP TermReq id=0x2 "MPPE required but not available"]
rcvd [IPCP ConfReq id=0x1 <addr 10.200.2.1>]
Discarded non-LCP packet when LCP not open
rcvd [LCP TermAck id=0x2]
Connection terminated.
Script pptp vpn1.kbcnet.co.yu --nolaunchpppd finished (pid 3167), status = 0x0

Now what?? With "modprobe ppp_mppe" I've inserted the module. Here's the output of 'lsmod' about that module:
Code:

Module                  Size  Used by
ppp_synctty            11392  0
ppp_mppe              10116  0
ppp_async              13056  0
ppp_generic            26772  3 ppp_synctty,ppp_mppe,ppp_async
slhc                    9856  1 ppp_generic

Although I didn't make a connection, I can open my ISP's home page, and all pages on his site.
Here's the 'ifconfig':
Code:


eth0      Link encap:Ethernet  HWaddr 00:17:31:25:8C:E0 
          inet addr:10.200.125.175  Bcast:10.200.125.255  Mask:255.255.255.0
          inet6 addr: fe80::217:31ff:fe25:8ce0/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:231 errors:0 dropped:0 overruns:0 frame:0
          TX packets:49 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:20329 (19.8 KiB)  TX bytes:4795 (4.6 KiB)
          Interrupt:18 Base address:0xd800

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Please!! Can someone help?!
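
Added example, not part of the original posts: a small Python check over the pppd debug output above that reads which authentication method was agreed in LCP and compares it with the `require-mppe-128` option from the peers file. The function names are this example's own and the embedded sample is copied from the post; `chap MS` and `chap MS-v2` are how pppd prints MS-CHAP and MS-CHAPv2 in its LCP dump.

```python
import re

# Constructed input: lines copied from the pppd debug output and option dump in the post above.
SAMPLE_LOG = """\
rcvd [LCP ConfReq id=0x1 <mru 1400> <asyncmap 0x0> <auth pap> <magic 0x9c5dc7c6> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <asyncmap 0x0> <auth pap> <magic 0x9c5dc7c6> <pcomp> <accomp>]
sent [PAP AuthReq id=0x1 user="Salgeras" password=<hidden>]
PAP authentication succeeded
MPPE required, but MS-CHAP[v2] auth not performed.
sent [LCP TermReq id=0x2 "MPPE required but not available"]
"""
SAMPLE_OPTIONS = ["noauth", "refuse-eap", "refuse-chap", "refuse-mschap", "require-mppe-128"]

# Suffixes of pppd's refuse-<method> options.
ALL_METHODS = {"pap", "chap", "mschap", "mschap-v2", "eap"}
# MPPE session keys come out of the MS-CHAP / MS-CHAPv2 exchange, so only these can key it.
MPPE_CAPABLE = {"chap MS", "chap MS-v2"}


def negotiated_auth(log):
    """Auth method the peer asked for and that we accepted in our LCP ConfAck."""
    m = re.search(r"^sent \[LCP ConfAck [^\n]*<auth ([^>]+)>", log, re.M)
    return m.group(1) if m else None


def accepted_methods(options):
    """Methods the client config has not switched off with refuse-<method>."""
    refused = {o[len("refuse-"):] for o in options if o.startswith("refuse-")}
    return ALL_METHODS - refused


def diagnose(log, options):
    """Return (negotiated method, list of findings) for one connection attempt."""
    auth = negotiated_auth(log)
    findings = []
    if auth == "pap":
        findings.append("PAP negotiated: the password is sent in cleartext")
    if any(o.startswith("require-mppe") for o in options) and auth not in MPPE_CAPABLE:
        findings.append(f"MPPE required but '{auth}' yields no key material; pppd ends the link")
    return auth, findings


if __name__ == "__main__":
    auth, findings = diagnose(SAMPLE_LOG, SAMPLE_OPTIONS)
    print("negotiated:", auth, "| client accepts:", sorted(accepted_methods(SAMPLE_OPTIONS)))
    for finding in findings:
        print(" -", finding)
```

On the posted log this reports that the peer requested PAP and the client acknowledged it, which is why pppd sends the `MPPE required but not available` TermReq right after authentication succeeds.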

