Fedora Linux Support Community & Resources Center
  #1  
Old 7th June 2012, 02:42 PM
seabird Offline
Registered User
 
Join Date: Jan 2009
Location: Den Bosch, Netherlands
Posts: 282
windows_7firefox
L2tp/ipsec

Hello everyone,

I am trying to set up a VPN connection to my server for the connection of my iPhone. OpenVPN is running perfect and so my laptop is already securely connected. Unfortunatly OpenVPN is not supported on the iPhone.

The setup is as follows:
WAN IP: 84.27.xxx.xxx (also linked to a domainname)
Router IP: 192.168.178.1
Server IP: 192.168.178.99

iPhone IP: %any

allowed users should be system users and I want a secret key.

I have been reading all sorts of tutorials and I do come up with installing openswan/ipsec.

my /etc/ipsec.conf
Code:
version 2.0
config setup
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    oe=off
    protostack=netkey

conn L2TP-PSK-NAT
    rightsubnet=vhost:%priv
    also=L2TP-PSK-noNAT

conn L2TP-PSK-noNAT
    authby=secret
    pfs=no
    auto=add
    keyingtries=3
    rekey=no
    ikelifetime=8h
    keylife=1h
    type=transport
    left=192.168.178.99
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any
my ipsec vefify
Code:
[root@server ~]# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                                 [OK]
Linux Openswan U2.6.37/K3.3.5-2.fc16.x86_64 (netkey)
Checking for IPsec support in kernel                            [OK]
 SAref kernel support                                           [N/A]
 NETKEY:  Testing XFRM related proc values                      [OK]
        [OK]
        [OK]
Checking that pluto is running                                  [OK]
 Pluto listening for IKE on udp 500                             [OK]
 Pluto listening for NAT-T on udp 4500                          [OK]
Two or more interfaces found, checking IP forwarding            [OK]
Checking NAT and MASQUERADEing                                  [OK]
Checking for 'ip' command                                       [OK]
Checking /bin/sh is not /bin/dash                               [OK]
Checking for 'iptables' command                                 [OK]
Opportunistic Encryption Support                                [DISABLED]
[root@server ~]#
and my /etc/ppp/chap-secrets
Code:
# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
username   *       mysecretkey        *
Unfortunatly my iPhone won't play with it. What am I doing wrong??
__________________
OS: Fedora 16
Casing: Chenbro RM21508B
Mainboard: ATX D2778
Processor: Intel Xeon W3550 (8 core)
Memory: 6Gb DDR3, ECC, 1333 MHz, PC3-10600
HD #1: OCZ Vertex 3 60Gb
Storage Drives: 4x 2Tb WD20EARS + 2x 2Tb WD20EARX
Graphics: Nvidia GeForce 210 Silent
PCI Card: Promise FastTrak TX4
Reply With Quote
Reply

Tags
iphone, ipsec, l2tp, l2tp or ipsec

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
L2TP/IPsec Server leonchik1976 Using Fedora 1 14th March 2012 05:45 PM
ipsec-tools missing IPsec tab packeto Installation, Upgrades and Live Media 1 5th August 2011 07:44 AM
Openvpn and l2tp/ipsec drewbrunson Servers & Networking 3 29th May 2011 05:59 AM
L2TP Servers & Networking 1 12th February 2004 07:56 AM


Current GMT-time: 07:40 (Monday, 01-09-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat