LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking > Linux - Wireless Networking
User Name
Password
Linux - Wireless Networking This forum is for the discussion of wireless networking in Linux.

Notices

Reply
 
LinkBack Search this Thread
Old 09-27-2007, 01:28 PM   #1
Salgeras
LQ Newbie
 
Registered: May 2007
Distribution: Slackware 12.0, Fedora Core 7
Posts: 17

Rep: Reputation: 0
Problem:VPN wireless connection with OpenSwan on Slackware 12.0


So, I'm trying to set VPN wireless connection on Slackware 12.0. I have a laptop, LAN card is Realtek 8139, which is connected to TL-WA501g with simple LAN cable. Further on, AP is connected to antenna.. Just to mention that this is for "home" use..

Searching this forum,I've found link to http://wiki.openswan.org/, and I've successfully installed OpenSwan. After installation, with 'ipsec verify' I verified connection,and it was [OK] for all,except OpportunisticEncryption, which is [DISABLED]. Anyway,I've started Firefox and managed to open home page of my WiFi provider. But,when I try to open any other site,FF always opens home page of my WiFi ISP.. So I checked /etc/ipsec.conf and there is no defined connection. Unfortunately, I dont know how to set a connection..I've read docs on http://wiki.openswan.org, but now I'm confused..

This is what "ipconfig /all" from windows says:
Code:
Windows IP Configuration
        Host Name . . . . . . . . . . . . : salgeras
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:
        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
        Physical Address. . . . . . . . . : <**>
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 10.200.125.175
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.200.125.1
        DHCP Server . . . . . . . . . . . : 10.200.125.1
        DNS Servers . . . . . . . . . . . : 10.200.1.30
        Lease Obtained. . . . . . . . . . : Thursday, September 27, 2007 12:18:0
1 PM
        Lease Expires . . . . . . . . . . : Sunday, September 30, 2007 12:18:01
PM

PPP adapter KBCnet:
        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : <**>
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 195.252.105.191
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 195.252.105.191
        DNS Servers . . . . . . . . . . . : 10.200.1.30
                                            194.106.162.2
I dont know how to set a connection , since there is 2 different GW's and IP's.
So, my question is: can someone help me to set connection in /etc/ipsec.conf by using these parameters?

Just to mention that IP assigning goes from DHCP. KBCnet is my ISP.

Thanks in advance!!!
 
Old 09-27-2007, 07:58 PM   #2
perry
Member
 
Registered: Sep 2003
Location: USA & Canada
Distribution: Slackware 12.0
Posts: 978

Rep: Reputation: 30
Quote:
Originally Posted by Salgeras View Post
So, I'm trying to set VPN wireless connection on Slackware 12.0. I have a laptop, LAN card is Realtek 8139, which is connected to TL-WA501g with simple LAN cable. Further on, AP is connected to antenna.. Just to mention that this is for "home" use..

Searching this forum,I've found link to http://wiki.openswan.org/, and I've successfully installed OpenSwan. After installation, with 'ipsec verify' I verified connection,and it was [OK] for all,except OpportunisticEncryption, which is [DISABLED]. Anyway,I've started Firefox and managed to open home page of my WiFi provider. But,when I try to open any other site,FF always opens home page of my WiFi ISP.. So I checked /etc/ipsec.conf and there is no defined connection. Unfortunately, I dont know how to set a connection..I've read docs on http://wiki.openswan.org, but now I'm confused..

This is what "ipconfig /all" from windows says:
Code:
Windows IP Configuration
        Host Name . . . . . . . . . . . . : salgeras
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:
        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
        Physical Address. . . . . . . . . : <**>
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 10.200.125.175
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.200.125.1
        DHCP Server . . . . . . . . . . . : 10.200.125.1
        DNS Servers . . . . . . . . . . . : 10.200.1.30
        Lease Obtained. . . . . . . . . . : Thursday, September 27, 2007 12:18:0
1 PM
        Lease Expires . . . . . . . . . . : Sunday, September 30, 2007 12:18:01
PM

PPP adapter KBCnet:
        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : <**>
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 195.252.105.191
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 195.252.105.191
        DNS Servers . . . . . . . . . . . : 10.200.1.30
                                            194.106.162.2
I dont know how to set a connection , since there is 2 different GW's and IP's.
So, my question is: can someone help me to set connection in /etc/ipsec.conf by using these parameters?

Just to mention that IP assigning goes from DHCP. KBCnet is my ISP.

Thanks in advance!!!
not sure i can help you, but you can take a look at my thread for ideas on your situation

- perry
 
Old 10-05-2007, 02:46 AM   #3
Salgeras
LQ Newbie
 
Registered: May 2007
Distribution: Slackware 12.0, Fedora Core 7
Posts: 17

Original Poster
Rep: Reputation: 0
I've discovered very important thing: my ISP uses PPTP, not IPSEC
I've followed instructions from http://slackworld.berlios.de/2007/Linux2MS-VPN.html, this is what I did:
- installed PPTP
- kernel: everything that was needed for PPP was already been defined through modules,(kernel 2.6.22.5) but,just in case, I've recompiled kernel again, everything went fine, successfully booted Slackware..
- files which are needed for PPP edited like it was said
- after starting connection, error occurs, and terminate connection

These are the files which take part in this story:
1) /etc/ppp/options.pptp
Code:
lock
noauth
# We won't do EAP, CHAP, or MSCHAP, but we will accept MSCHAP-V2
refuse-eap
refuse-chap
refuse-mschap

nobsdcomp
nodeflate
2) /etc/ppp/peers/kbc
Code:
pty "pptp vpn1.kbcnet.co.yu --nolaunchpppd"
   name Salgeras
   remotename PPTP
   require-mppe-128
   file /etc/ppp/options.pptp
   ipparam kbc
3) /etc/ppp/chap-secrets and /etc/ppp/pap-secrets
Code:
# client    server       secret            IP addresses
  Salgeras      PPTP    <password>                 *
This is the error after starting connection:
Code:
root@darkstar:~#  sh /usr/doc/ppp-2.4.4/scripts/pon kbc debug dump logfd 2 nodetach
pppd options in effect:
debug           # (from command line)
nodetach                # (from command line)
logfd 2         # (from command line)
dump            # (from command line)
noauth          # (from /etc/ppp/options.pptp)
refuse-chap             # (from /etc/ppp/options.pptp)
refuse-mschap           # (from /etc/ppp/options.pptp)
refuse-eap              # (from /etc/ppp/options.pptp)
name Salgeras           # (from /etc/ppp/peers/kbc)
remotename PPTP         # (from /etc/ppp/peers/kbc)
                # (from /etc/ppp/options.pptp)
pty pptp vpn1.kbcnet.co.yu --nolaunchpppd               # (from /etc/ppp/peers/kbc)
crtscts         # (from /etc/ppp/options)
                # (from /etc/ppp/options)
asyncmap 0              # (from /etc/ppp/options)
lcp-echo-failure 4              # (from /etc/ppp/options)
lcp-echo-interval 30            # (from /etc/ppp/options)
ipparam kbc             # (from /etc/ppp/peers/kbc)
proxyarp                # (from /etc/ppp/options)
nobsdcomp               # (from /etc/ppp/options.pptp)
nodeflate               # (from /etc/ppp/options.pptp)
require-mppe-128                # (from /etc/ppp/peers/kbc)
using channel 1
Using interface ppp0
Connect: ppp0 <--> /dev/pts/2
rcvd [LCP ConfReq id=0x1 <mru 1400> <asyncmap 0x0> <auth pap> <magic 0x9c5dc7c6> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x768b4be1> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <asyncmap 0x0> <auth pap> <magic 0x9c5dc7c6> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x768b4be1> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0x768b4be1]
sent [PAP AuthReq id=0x1 user="Salgeras" password=<hidden>]
rcvd [LCP EchoReq id=0x0 magic=0x9c5dc7c6]
sent [LCP EchoRep id=0x0 magic=0x768b4be1]
rcvd [LCP EchoRep id=0x0 magic=0x9c5dc7c6]
rcvd [PAP AuthAck id=0x1 "64/74\n"]
Remote message: 64/74^J
PAP authentication succeeded
MPPE required, but MS-CHAP[v2] auth not performed.
sent [LCP TermReq id=0x2 "MPPE required but not available"]
rcvd [IPCP ConfReq id=0x1 <addr 10.200.2.1>]
Discarded non-LCP packet when LCP not open
rcvd [LCP TermAck id=0x2]
Connection terminated.
Script pptp vpn1.kbcnet.co.yu --nolaunchpppd finished (pid 3167), status = 0x0
Now what?? With "modprobe ppp_mppe" I've inserted the module..Here's the of 'lsmod' about that module:
Code:
Module                  Size  Used by
ppp_synctty            11392  0 
ppp_mppe               10116  0 
ppp_async              13056  0 
ppp_generic            26772  3 ppp_synctty,ppp_mppe,ppp_async
slhc                    9856  1 ppp_generic
Although I didn't make a connection,I can open my ISP's home page, and all pages on his site.
Here's the 'ifconfig':
Code:
eth0      Link encap:Ethernet  HWaddr 00:17:31:25:8C:E0  
          inet addr:10.200.125.175  Bcast:10.200.125.255  Mask:255.255.255.0
          inet6 addr: fe80::217:31ff:fe25:8ce0/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:231 errors:0 dropped:0 overruns:0 frame:0
          TX packets:49 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:20329 (19.8 KiB)  TX bytes:4795 (4.6 KiB)
          Interrupt:18 Base address:0xd800 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
Please!! Can someone help?!
 
  


Reply

Tags
pptp, vpn


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Openswan Vpn satish Linux - Networking 0 04-11-2007 07:47 AM
Openswan/Cisco PIX: NATting a VPN Tunnel SnotRocket Linux - Networking 1 01-28-2007 09:13 PM
Wireless card..Wireless router.. Slackware 10.2 ..Problems with Internet Connection. Storm Bringer Linux - Wireless Networking 4 03-23-2006 06:25 AM
Authorizing Openswan VPN connection logo Linux - Networking 1 03-05-2005 04:46 AM
Creating a Linux<-WinXP VPN with OpenSwan logo Linux - Security 4 02-07-2005 09:40 AM


All times are GMT -5. The time now is 09:01 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration