Topic: Freeswan IPSEC to Linksys Router

[mereena]

I am running SME 6. I an trying to create an IPSEC VPN tunnel between my SME server and a Linksys BEFSX41 VPN router. I understand that Freeswan in the IPSEC of choice. I have installed the latest version of Freeswan on my SME using the instructions from these forums. However, I cannot get it to work with my Linksys VPN router. Has anyone tried to get Freeswan to connect to a Linksys BEFSX41 router? I'm not sure what settings I need for the router or Freeswan.

Not sure if this helps or not, but the local IPs of my SME server are 192.168.0.x and the local IPs of the Linksys router are 192.168.1.x

Any help would be appreciated!

[stancol]

Things to try:

Your ip address range would depend on your subnet mask. If you're subnet mask is /24 or 255.255.255.0 then your SME server and the Linksys box are in different subnets. Try changing them to be in the same subnet. 192.168.1.1/24 = SME and 192.168.1.2/24 = Linksys box.

I'm not sure but I wasn't aware that you could use IPSEC with the Linksys box. I thought they were only doing traditional VPN connections. Anybody please correct me if I'm wrong.

Here is a link to a hack that will let you see more options on your Linksys box.

http://www.techtv.com/screensavers/darktips/story/0,24330,3659113,00.html

Surprise surprise Linksys routers are actually running Linux. This hack might even help you set up your IPSEC.

Just wondering.....why would you want to run security between your SME box and the router anyway? IPSEC will eat some processor time on both boxes. Don't trust anybody on your own network? Not an insult just wondering?

[Anonymous]

Things to try:

I'm not sure but I wasn't aware that you could use IPSEC with the Linksys box. I thought they were only doing traditional VPN connections. Anybody please correct me if I'm wrong.

Just wondering.....why would you want to run security between your SME box and the router anyway? IPSEC will eat some processor time on both boxes. Don't trust anybody on your own network? Not an insult just wondering?

I think the linksys is at a users home and the SME server is at corporate. This linksys router does ipsec.

[stancol]

Two notes:

1.) I just noted that the link I gave above only works with ONE Linksys Wireless Router. Maybe I should learn to read completely.

2.) I guess I wasn't thinking about remote use. Sometimes I guess I'm just blind.   Thanks for setting me straight....I knew someone would.

[stancol]

I think it was the use of private IP addresses that threw me.

Not sure if this helps or not, but the local IPs of my SME server are 192.168.0.x and the local IPs of the Linksys router are 192.168.1.x

Somehow I thought the setup was only internal. Maybe Mereena will write back with more information. If this setup is trully between an office and a home then the internal IP address wouldn't matter only the external IP address would. The only place you'd have to enter the internal IP address would be in the setup where you add internal router.

[mereena]

Well, the previous post was correct. The SME is located at the office and the Linksys router is at an employee's  house. The purpose of this connection is to create a VPN tunnel between an employee's house and the office for the purpose of VoIP. I think the problem lies in the encryption type that the Linksys and SME uses. If anyone needs further info, post a question and I will answer it.

[ryan]

I use IPCop as my primary router at a central location.  I have 6 remote locations consisting of 2 IPCop servers and 4 linksys VPN routers.  IPCop comes with IPSEC and it is easy to setup a tunnel to another IPCop or Linksys router.  

If you have the time, you might download IPCop and test it.  Personally, I use IPCop for routing and VPN.  I use SME for services like http, ftp, and email filtering and is the proxy server for all 6 locations.  

good luck,

ryan

[stancol]

Just a thought. The only reason I even thought of it is that I have this problem between one of my sites and my main SME box. The client runs a CISCO Pix firewall and blocks everything under the sun including VPN. It's a long shot but maybe it's being blocked somewhere between the office and home. If you have a second location with using a different ISP you might want to try it. You might want to even try it at the office using a crossover cable or extra switch to make the connection. If it works at the office with nothing in-between the Linksys box and the SME box it's probably being blocked by an ISP somewhere. Also make sure that you remove anything between you and the office. Some DSL modems come with built in firewalls that could block VPN as well. If I remember correctly the DSL modem I found it on was a Speedstream DSL modem.

[Guest]

Have a E-smith talking to a Linksys router
Have another to a cisco pix, no problem.

Linksys:
http://www.freeswan.ca/docs/BEFVP41/

grz,

Richard.

[stancol]

Actually I didn't tell the whole story. You can run it through a Cisco pix if the administrator doesn't shut VPN off.

Great link, every web site should have a graphic like that to tell you how to set up a VPN.