[Openswan Users] trying to make a connection to a Checkpoint SecuRemote with hybrid authentication vpn

Cristian Falcas cristi.falcas at gmail.com
Thu Jul 9 11:59:57 EDT 2009


Hello all,

I'm trying to make my linux machine connect to a Checkpoint vpn that is
using hybrid authentication (at least I think this is the name).

Let me first explain you the network:

(my machine 10.0.0.100 ) ---> ( 10.0.0.1 firewall 12.12.169.237 ) ---> (
123.123.190.160 Checkpoint fw ) ---> 10.20.30.xx network

And now written:
- my ip is 10.0.0.100
- from here I'm going to internet via gw 10.0.0.1
- my external ip is 12.12.169.237
- I want to connect to a customer network via a Checkpoint SecuRemote
firewall. His network has ip's in the range 10.20.30.xx
- the connection to the customer is via the ip 123.123.190.160

>From Windows I'm using their vpn client and I have to provide the IP
(123.123.190.160), a username and a password. After that everything is
transparent for me.

I tried a lot of documents from the net, but all of them where pretty old
and very thin on explanations (for me at least).

Can someone help me or send me to some documentation related to this, in
order to connect to this VPN from linux?

>From what I've read until now, some people managed to make the connection
work.

The closest thing I got to my setup is this:
http://emsi.it.pl/auto/opensclienthowto

I got a certificate from http://123.123.190.160:18264/, followed _some_
steps in the tutorial, but I can't see anywhere where it's using
authentication with user/pass. An other problem for me is that I don't have
any access to the firewall, so I can't get the firewall certificate.

If I'm going the wrong way, please advise.

My software:

ipsec --version
Linux Openswan U2.6.21/K2.6.29.5-191.fc11.i686.PAE (netkey)

Best regards,
    Cristian Falcas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090709/88ed8871/attachment.html 


More information about the Users mailing list