[Openswan Users] Help for making VPN Tunnel using DynDNS on DSL Routers

Patrick Ford fenderdood at gmail.com
Tue Jan 16 10:37:47 EST 2007


In the following example I will assume that left=local and right=remote. This
is just a convention; it need not be this way....
This is the config for the home openswan.

conn here-there
    right=office.dnsalias.org
    rightid=@office.dnsalias.org
    left=%defaultroute
    leftid=@home.dnsalias.org
    authby=secret
    auto=start
    ### THE FOLLOWING LINES ARE OPTIONAL; the default values are already predefined as such.
    keyexchange=ike
    esp=aes,3des
    keyingtries=5
    rekeymargin=4m
    auth=esp
    pfs=yes

Here is the config for the office openswan....

conn here-there
    right=home.dnsalias.org
    rightid=@home.dnsalias.org
    left=%defaultroute
    leftid=@office.dnsalias.org
    authby=secret
    auto=start
    ### THE FOLLOWING LINES ARE OPTIONAL; the default values are already predefined as such.
    keyexchange=ike
    esp=aes,3des
    keyingtries=5
    rekeymargin=4m
    auth=esp
    pfs=yes


The ipsec.secrets file for home....
# the indices must match leftid/rightid in ipsec.conf, including the leading @
@office.dnsalias.org @home.dnsalias.org : PSK "password"

This should get you up and running..... BTW, is there any reason you are not
using rsasig type authentication? It's way more secure. If you require help
with that, I'm sure a quick dive into the man page for ipsec.conf could
help with that.

Best Regards,

Patrick Ford


The ipsec.secrets file for the office......
@home.dnsalias.org @office.dnsalias.org : PSK "password"






On 16/01/07, Deepak Chopra <deepak.chopra at mind-infotech.com> wrote:
>
> Dear ALL,
>
> I've a problem in setting up a VPN connection between my Home Network and my
> OfficeNetwork, where 3 machines are connected to my home network and the same
> number of machines are installed in my office.
> I want to make a VPN connection on both gateways with FreeSWan using Dynamic
> IP Addresses.
>
>                   192.168.1.2 (eth0)        192.168.1.1                      192.168.1.1        192.168.1.2(eth0)
>                 |        |           |    |   |        |      [          ]   |    |       |     |    |    |
> ---|------->----|----Gateway Linux---|===>|-DSL Router-|------[ INTERNET ]---|-DSL ROUTER-|-----|--Linux--|--<---|----
>    |            |        |           |    |   |        |      [          ]   |    |       |          |           |
> 17.29.18.0/24     172.29.18.1 (eth1)          |                                   |                  |  192.168.10.0/24
> HomeNetwork                              abc.dnsalias.net                     xyz.dnsalias.net       |      OfficeNet
>                                                                                                      |
>                                                                                             192.168.10.1 (eth1)
>
> In the above mentioned Scenario, I've two DSL Routers with same
> configuration. Both are taking Dynamic IP address from the ISP and on both
> the DSL Routers I've configured the DynDNS.org user accounts
> (abc.dnsalias.net and xyz.dnsalias.net) and these DSL routers are directly
> connected to the Linux (RedHat9) GateWay Machines on eth0 interface. Now I
> want to make a VPN Tunnel between my HomeNet and OfficeNet.
>
> Kindly suggest me how it is possible. And I'm also sending you the
> ipsec.conf and ipsec.secrets along with this.
>
> I'd be highly thankful to you if I'm able to connect my home network
> machine to my office network.
>
>
> Deepak Chopra


-- 

"Education is what remains after one has forgotten what one has learned in
school."
     Albert Einstein
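
The conn and ipsec.secrets snippets in the message above only work together when the PSK entry lists exactly the IDs given as leftid/rightid. The following check is an added example, not part of the original message or of Openswan; the function names are hypothetical, the sample input is constructed from the home config above, and it only does exact string matching of @FQDN IDs (pluto itself also accepts IP addresses and %any as indices).

```python
import re

# Constructed sample input modeled on the home gateway config in the message.
IPSEC_CONF = """\
conn here-there
    right=office.dnsalias.org
    rightid=@office.dnsalias.org
    left=%defaultroute
    leftid=@home.dnsalias.org
    authby=secret
"""
SECRETS_MISMATCH = 'office.dnsalias.com home.dnsalias.com: PSK "password"\n'
SECRETS_MATCH = '@home.dnsalias.org @office.dnsalias.org : PSK "password"\n'


def conn_ids(conf_text):
    """Return {conn name: (leftid, rightid)} for conns with authby=secret."""
    conns, name = {}, None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue  # blank line or comment
        if not line[0].isspace():  # section header such as "conn here-there"
            parts = line.split()
            name = parts[1] if parts[0] == "conn" and len(parts) > 1 else None
            if name:
                conns[name] = {}
        elif name and "=" in line:  # indented key=value inside a conn
            key, value = line.strip().split("=", 1)
            conns[name][key.strip()] = value.strip()
    return {n: (c.get("leftid"), c.get("rightid"))
            for n, c in conns.items() if c.get("authby") == "secret"}


def psk_indices(secrets_text):
    """Return one set of index tokens per PSK entry in ipsec.secrets."""
    entries = []
    for line in secrets_text.splitlines():
        m = re.match(r"^([^#:]*):\s*PSK\s", line)
        if m:
            entries.append(set(m.group(1).split()))
    return entries


def unmatched_conns(conf_text, secrets_text):
    """Names of PSK conns whose ID pair no PSK entry lists in full."""
    entries = psk_indices(secrets_text)
    return [n for n, ids in conn_ids(conf_text).items()
            if not any(set(ids) <= e for e in entries)]
```

Running `unmatched_conns` against the real /etc/ipsec.conf and /etc/ipsec.secrets contents on each gateway flags a conn whose IDs differ from the secrets entry in domain suffix or in the leading @.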