[Openswan Users] General Guidance - Connecting to Sonicwall Global VPn
gaiseric.vandal at gmail.com
Fri Jun 13 11:30:31 EDT 2014
I don't use Ubuntu, I use Fedora. This will change the GUI interface
available for OpenSWAN. Which doesn't work properly in Fedora anyway so
I have to do everything via command line.
The sonicwall windows client uses IPSec Tunnel with xauth
authentication. The client config file that you export from the
Sonicwall appliance includes the PSK and other parameters. You can
use openswan to configure an equivalent type of connection, but you do
need to know the PSK, encryption settings, and group name. Unlike the
windows client, a virtual NIC is not used, so you may also have to tweek
some routing/forwarding options on the linux machines.
The alternate approach used by the sonicwall is an
L2TP-tunnel-over-IPSec-transport, if enabled on the sonicwall. The GUI
may work better with this- but I think it is also using openswan or
libreswan in the background. This will provide a virtual NIC on the
client. This is same approach used by the IPSec VPN client support
native in MS windows.
A few tech savvy people at my work use Openswan for the VPN
client. But it turns out to be such a PITA that we found for some
people it was simpler to purchase a Sonicwall TZ105 for some remote
users, and just configure a site-to-site link.
On 06/12/14 20:52, Mark Newnham wrote:
> I am wondering if it is possible to connect an Ubuntu 14 system to a
> Sonicwall Global VPN server under the following circumstances:
> The connection, when done under Windows is the simplest possible when
> using the Sonicwall Windows Client software:
> 1. Run the microsoft installer
> 2. Enter the server name
> 3. When prompted, enter the user name and password.
> There are no shared keys, group passwords or any other configurations
> The system I am connecting to is run by a third party, so I have no
> access to configuration settings. The local client has a DHCP
> allocatted IP address and its internet connection is NAT'd through an
> Astaro firewall.
> Users at lists.openswan.org
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users