<span style="font-family: courier new,monospace;">Hello all,</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">I'm trying to make my linux machine connect to a Checkpoint vpn that is using hybrid authentication (at least I think this is the name).</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">Let me first explain you the network:</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">(my machine 10.0.0.100 ) ---> ( 10.0.0.1 firewall 12.12.169.237 ) ---> ( 123.123.190.160 Checkpoint fw ) ---> 10.20.30.xx network</span><br style="font-family: courier new,monospace;">
<br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">And now written:</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">- my ip is 10.0.0.100<br>
- from here I'm going to internet via gw 10.0.0.1<br>- my external ip is 12.12.169.237</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">- I want to connect to a customer network via a Checkpoint SecuRemote firewall. His network has ip's in the range 10.20.30.xx<br>
- the connection to the customer is via the ip 123.123.190.160<br><br>From Windows I'm using their vpn client and I have to provide the IP (123.123.190.160), a username and a password. After that everything is transparent for me.<br>
<br>I tried a lot of documents from the net, but all of them where pretty old and very thin on explanations (for me at least).<br><br>Can someone help me or send me to some documentation related to this, in order to connect to this VPN from linux?<br>
<br>From what I've read until now, some people managed to make the connection work.<br><br>The closest thing I got to my setup is this:<br><a href="http://emsi.it.pl/auto/opensclienthowto">http://emsi.it.pl/auto/opensclienthowto</a><br>
<br>I got a certificate from <a href="http://123.123.190.160:18264/">http://123.123.190.160:18264/</a>, followed _some_ steps in the tutorial, but I can't see anywhere where it's using authentication with user/pass. An other problem for me is that I don't have any access to the firewall, so I can't get the firewall certificate.<br>
<br>If I'm going the wrong way, please advise.<br><br>My software:<br></span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">ipsec --version</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;">Linux Openswan U2.6.21/K2.6.29.5-191.fc11.i686.PAE (netkey)</span><br style="font-family: courier new,monospace;"><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;">Best regards,</span><br style="font-family: courier new,monospace;">
<span style="font-family: courier new,monospace;"> Cristian Falcas</span><br style="font-family: courier new,monospace;">