Thread: N800 VPN Client. Cash Reward?
View Single Post
mephistos is offline mephistos
2007-03-01 , 08:53
Posts: 5 | Thanked: 0 times | Joined on Mar 2007
#7
Originally Posted by framerate View Post
So I'm a decent programmer myself, but with no experience with Maemo yet combined with no experience with the technical side of VPN or kernel patching, this is not something I want to attempt coding...

My school/work uses PPtP and IPSEC VPN (see http://kb.iu.edu/data/ajrq.html )

What I really want is a simple GUI that allows me to enter the required name/pass/key options and will connect using the above protocol and allow me to use my N800 @ the office.

I really have little knowledge on how big of an undertaking this is, but I know it could definitely benefit the community if something like this happened and I'd be willing to put up some cash to someone who was able to get it working (and I assume some others would do the same).

I'm not talking about owning the rights or anything gross and non-opensource friendly. Just a small reward for someone who's willing to use their valuble time to write some software they wouldn't normally take the time to write perhaps.

If you think you might be able to do this, or perhaps know some more info on the technical limitations of the N800 hardware to allow this, or even if you want to offer up some money yourself, please post here!

If it doesn't work out, at least I gave my attempt to make it happen

Thanks guys!
Hi,

I just saw your posting, and I think I may know how to pull it off, though it will take me some time to put the solution together with a GUI. I can however most likely put together something that can be used from a shell much quicker while we get the GUI worked out afterwards. I've configured VPNs on a LOT of systems and routers and most of my time was spent configuring IPSec in crossplatform setups for functionality between Windows & Linux.

The GUI would be a front end to OpenSwan one of the more powerful VPN applications out there. The solution that your campus requires, to make it simpler for their Windows clients to connect is actually a hell of a lot more complicated. IPSec creates a Layer 3 tunnel from peer to peer, then L2TP tunnels PPP inside another Layer 2 GRE tunnel, and finally PPP will authenticate and give you an IP on your campus' network. This is not an easy task to configure - but due to M$'s wisdom that is how "their" version of IPSec built in clients work!

The result is that you will need a Shared Key from your campus as well as a login and password to connect.

Now on the N800, which I am going to purchase this month (yay!) runs a version of debian, it should be possible to rebuild the packages necessary for your VPN client solution, which would roughly be:

1. openswan or strongswan w/ x.509 certificate patches
2. L2TP patched version of ppp
3. kernel modules for IPSec, either native or openswan implementations as well as any other protocols we are likely to need (GRE etc etc).
4. iproute2
5. Our own custom made front end (possibly written in GTK+) that configures and Initiates/Terminates tunnels for openswan.

Now, I haven't investigated OpenVPN - it may be that much easier to implement this solution with that piece of software - but honestly, I looked at your post and said - HEY I KNOW HOW TO DO IT. So lets try!

- Mephistos