[Openswan Users] Help for making VPN Tunnel using DynDNS on DSL Routers

Tue Jan 16 05:42:54 EST 2007

Dear ALL,

I've a problem in setting up a VPN connections between my Home Network to my
OfficeNetwork,
Where 3 machines are connected to my home network and the same number of
machines are installed in my office.
I want to make a VPN connection on both gateways with FreeSWan using Dynamic
IP Addresses.

                  192.168.1.2 (eth0)        192.168.1.1
192.168.1.1        192.168.1.2(eth0) 
                |        |           |    |   |        |      [          ]
|    |       |     |    |    |
---|------->----|----Gateway Linux---|===>|-DSL Router-|------[ INTERNET
]---|-DSL ROUTER-|-----|--Linux--|--<---|----   
   |            |        |           |    |   |        |      [          ]
|    |       |          |           |
17.29.18.0/24     172.29.18.1 (eth1)          |
|                  |  192.168.10.0/24
HomeNetwork                              abc.dnsalias.net
xyz.dnsalias.net       |      OfficeNet

|       

192.168.10.1 (eth1)

In the above mentioned Scenario, I've two DSL Routers with same
configuration. Both are taking Dynamic IP address from the ISP and on both
the DSL Routers I've configured the DynDNS.org user accounts (
abc.dnsalias.net and xyz.dnsalias.net) and these DSL routers are directly
connected to the Linux (RedHat9) GateWay Machines on eth0 interface. Now I
want to make a VPN Tunnel between my HomeNet and OfficeNet. 

Kindly suggest me how it is possible. And I'm also sending you the
ipsec.conf and ipsec.secrets along with this.

I'd be highly thankful to you if I'm able to connect my home network machine
to my office network. 

Ipsec.conf :
config setup
	interfaces=%defaultroute
	klipsdebug=none
	plutodebug=none
	uniqueids=yes

conn test
	type tunnel
	compress=yes
	left=abc.dnsalias.net
	leftsubnet=172.29.18.0/24
	leftnexthop=%defaultroute
	right=xyz.dnsalias..net
	rightsubnet=192.168.10.0/24
	rightnexthop=%defaultroute
	keyexchange=ike
	esp=aes,3des
	keyingtries=5
	rekeymargin=4m
	auth=esp
	authby=secret
	pfs=yes
	auto=start

ipsec.secrets :
abc.dnsalias.net xyz.dnsalias.net : PSK "password"

Deepak Chopra

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus/trojan/worms/malicious code transmitted by this email.

www.mind-infotech.com 