Active Topics
-
Camera phone competition March 2023 "Endless" (35)
to General by Maemish - 1 day, 2 hrs ago -
TLS 1.2 for N9 is ready (28)
to MeeGo / Harmattan by smartblu9 - 1 day, 3 hrs ago -
Maemo repository (3)
to Community by torsen - 1 day, 19 hrs ago -
Error after installing Leste on sdcard (11)
to Maemo 7 / Leste by Maemish - 2 days, 16 hrs ago -
Introducing ubiboot N9 (multiboot OS loader) (1,393)
to Alternatives by smatkovi - 3 days, 23 hrs ago - more...
|
2010-04-21
, 18:22
|
|
Posts: 96 |
Thanked: 25 times |
Joined on Apr 2010
@ India
|
#12
|
does it work with IPSec 3DES
|
|
2010-04-21
, 19:32
|
|
Posts: 1,141 |
Thanked: 781 times |
Joined on Dec 2009
@ Magical Unicorn Land
|
#13
|
Sure, I use vpnc on my desktop machine as well as my N900, and I do exactly the same commands and setup the same way on both. I don't use the GUI, I just use xterm.
I created a file in /etc/vpnc/company.conf with my company's VPN settings. Here's what they are, the parts I changed are in bold font:
Now that the file is there, I can connect with "company" as a shortcut to that configuration. This is the exact commandline I use:
After it connects, vpnc is launched as a background process and you can exit the xterm. When you're done with using the VPN you can open xterm and type:
which will disconnect the VPN and close the vpnc background process.
Also important to know that vpnc on N900 does not (for me) work when you are connected to gprs (cellular internet)... only on wlan (WiFi).
To see all available command-line options type:
And yes it works with 3des, that's what we use at my company.
I created a file in /etc/vpnc/company.conf with my company's VPN settings. Here's what they are, the parts I changed are in bold font:
Code:
IPSec gateway 123.123.123.1 IPSec ID MYVPN IPSec obfuscated secret 9083258390532(long hex string) Xauth username myusername
Code:
sudo vpnc --dpd-idle=0 company
Code:
sudo vpnc-disconnect
Also important to know that vpnc on N900 does not (for me) work when you are connected to gprs (cellular internet)... only on wlan (WiFi).
To see all available command-line options type:
Code:
vpnc --long-help
| The Following User Says Thank You to stlpaul For This Useful Post: | ||
|
|
2010-04-21
, 22:31
|
|
Posts: 393 |
Thanked: 67 times |
Joined on Feb 2010
|
#14
|
stlpaul, thank you for your wonderfully complete response. I will try this out within the next day.
As a side note, in my previous tests I was able to connect to my Cisco VPN over both Wi-Fi and Cellular (Tmobile in the USA, using the Tmobile "VPN Data Plan" which provides a public IP directly to my N900). Of course the connection would drop soon thereafter, but that is a different issue which hopefully your last post will help the community address.
As a side note, in my previous tests I was able to connect to my Cisco VPN over both Wi-Fi and Cellular (Tmobile in the USA, using the Tmobile "VPN Data Plan" which provides a public IP directly to my N900). Of course the connection would drop soon thereafter, but that is a different issue which hopefully your last post will help the community address.
|
|
2010-04-21
, 23:54
|
|
Posts: 393 |
Thanked: 67 times |
Joined on Feb 2010
|
#15
|
Update:
It looks like the solution carefully provided by stlpaul is absolutely correct. I have used the "--dpd-idle=0" additional suffix and now I am staying connected, hopefully indefinately. I have run a ping and have successfully pinged up to ping sequence 1,100+, which tells me the connection is solid.
In short, it seems my problem was over-reliance on a GUI VPN front end program for vpnc called vpngui, version 5.4.4. It seems the next step would be to somehow edit the vpnc-gui configuration to add the "--dpd-idle=0" additional suffix, which would complete this super setup. This may involve making changes to the source code for vpngui, version 5.4.4 to add the "--dpd-idle=0" additional suffix by default to every connection it makes.
I am very new to Linux, but I would not shy away from recompiling vpngui, version 5.4.4 to make this change. Can anyone offer any advice on how we could make this small change to vpngui, version 5.4.4?
Thank you very much
It looks like the solution carefully provided by stlpaul is absolutely correct. I have used the "--dpd-idle=0" additional suffix and now I am staying connected, hopefully indefinately. I have run a ping and have successfully pinged up to ping sequence 1,100+, which tells me the connection is solid.
In short, it seems my problem was over-reliance on a GUI VPN front end program for vpnc called vpngui, version 5.4.4. It seems the next step would be to somehow edit the vpnc-gui configuration to add the "--dpd-idle=0" additional suffix, which would complete this super setup. This may involve making changes to the source code for vpngui, version 5.4.4 to add the "--dpd-idle=0" additional suffix by default to every connection it makes.
I am very new to Linux, but I would not shy away from recompiling vpngui, version 5.4.4 to make this change. Can anyone offer any advice on how we could make this small change to vpngui, version 5.4.4?
Thank you very much
|
|
2010-04-22
, 00:54
|
|
Posts: 18 |
Thanked: 9 times |
Joined on Nov 2009
@ Orange County, CA
|
#16
|
How much do you pay for the T-Mobile VPN data plan? I haven't been able to get VPN to work over my $30 a month smartphone plan.
|
|
2010-04-22
, 13:52
|
|
Posts: 393 |
Thanked: 67 times |
Joined on Feb 2010
|
#17
|
Since I've had Tmobile since the Voicestream days (10 years ago) the VPN data plan is $20/month... but they told me that if I make any drastic changes to my plan I will forfeit the cheap data plan and would have to get the normal more expensive data plan, like all new customers.
|
|
2010-04-22
, 19:01
|
|
Posts: 1,141 |
Thanked: 781 times |
Joined on Dec 2009
@ Magical Unicorn Land
|
#18
|
I'm glad I could help!
I'm using the $10 a month T-Mobile internet so maybe that's why VPN doesn't work for me.
I'm using the $10 a month T-Mobile internet so maybe that's why VPN doesn't work for me.
|
|
2010-04-23
, 02:49
|
|
Posts: 393 |
Thanked: 67 times |
Joined on Feb 2010
|
#19
|
For those interested in setting aliases to run this script from xterm without doing tons of typing, in my case I had to perform a 'chmod' on the vpnc file in /opt/maemo/usr/sbin/ before my aliases would work.
cd /opt/maemo/usr/sbin/
chmod +x vpnc
This should let you run your alias directly from the $ prompt.
But i'm sure there are better ways to do this...
cd /opt/maemo/usr/sbin/
chmod +x vpnc
This should let you run your alias directly from the $ prompt.
But i'm sure there are better ways to do this...
|
|
2010-05-18
, 09:42
|
|
Posts: 1 |
Thanked: 0 times |
Joined on May 2010
|
#20
|
Thank you for the explanation, right now, I can stay connect to my Uni-Cisco VPN using both cpngui or --idle things, but one problem that occur to me is I can connect to skype or anything that I have installed in my N900 such as a forecast or go to maemo to install a program, but I can't browse to web, or even download from maemo.org..
Is there any step that missed by me? so I can't browsing to internet?
Here is when I use the --idle=0...
sudo vpnc --dpd-idle=0 my_uni
route : SIOCDELRT : no such process
route : SIOCDELRT : no such process
sending state in dbus : connected
vpnc started in background (Pid : 1765)...
is there any mistake?
Is there any step that missed by me? so I can't browsing to internet?
Here is when I use the --idle=0...
sudo vpnc --dpd-idle=0 my_uni
route : SIOCDELRT : no such process
route : SIOCDELRT : no such process
sending state in dbus : connected
vpnc started in background (Pid : 1765)...
is there any mistake?
Essentially I am looking for the complete command since I cannot seem to get it running without it disconnecting after a while.
On the Vpnc web site I found the following two notes:
# disconnecting does not work reliable with all supported targets (a work-around is to connect with incorrect password, and then again with correct password)
# vpnc looses connection with some targets, even before the rekey-timer expires most probably due bugs with keepalive, dead-peer-detection or something else...