Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: ciaran finnegan on March 07, 2002, 12:00:19 PM

Title: Absolute Beginner trying to manipulate templates that genera
Post by: ciaran finnegan on March 07, 2002, 12:00:19 PM

Hi,

I want to setup a FreeSWAN IPSEC VPN with a Win2K client with a fixed IP Address using a PreShared Key'

I've got IPSEC up and running but I'm having a problem configuring it.

I want to change /etc/ipsec.conf

I've figured out that this is generated from /etc/e-smith/templates/ipsec.conf/

but now I'm stuck

how do I modify these templates to add my connection, something like

conn %default
        keyingtries=1
        authby=secret

conn Sydney_Melbourne
        type=tunnel
        left=xxxx
        leftnexthop=xxxx
        leftsubnet=xxxx/xx
        right=xxxx
        rightnexthop=xxxx
        keyexchange=ike
        keylife=8h
        lifetime=8h
        pfs=no
        authby=secret
        auto=add

tia,

ciaran

Title: Re: Absolute Beginner trying to manipulate templates that ge
Post by: Jon on March 07, 2002, 12:23:58 PM

Have a look at this page http://www.e-smith.org/custom/
You have to make a custom template and then expand it. You may have to stop and re start the service afterwards.
Its pretty easy once you wrap your head around it.

Jon
PS Did you see the how to for this on www.myezserver.com under support.

Title: Re: Absolute Beginner trying to manipulate templates that ge
Post by: ciaran finnegan on March 08, 2002, 01:38:06 AM

Thanks Jon, you're a Gent.

Sorry, I missed the howto, but I'll know where to look next time.

Title: Re: Absolute Beginner trying to manipulate templates that ge
Post by: Lloyd Keen on March 08, 2002, 02:42:26 AM

Setting it up this way would require a lot of mucking around. Why don't you just create a PPTP tunnel from the e-smith manager (under remote access) and then setup a VPN connection on the XP/2000 box. It would be a lot easier. My understanding is that IPsec is used more in a LAN to LAN config rather than a host to LAN setup (although this can be done).

Title: Re: Absolute Beginner trying to manipulate templates that ge
Post by: ciaran finnegan on March 08, 2002, 09:52:58 AM

I'm beginning to realise how right you are, if all else fails I'll give the PPTP thing a try. For now I'm determined to get some satisfaction out of the hours I've spent struggling with it (figuring out how to use vi was a low point)

Cheers for the suggestion though.Lloyd Keen wrote:
>
> Setting it up this way would require a lot of mucking around.
> Why don't you just create a PPTP tunnel from the e-smith
> manager (under remote access) and then setup a VPN connection
> on the XP/2000 box. It would be a lot easier. My
> understanding is that IPsec is used more in a LAN to LAN
> config rather than a host to LAN setup (although this can be
> done).

Title: Re: Absolute Beginner trying to manipulate templates that ge
Post by: Dan G. on March 08, 2002, 05:11:23 PM

Don't use vi!  Use Midnight Commander --- it's much quicker to learn and more intuitive for a beginner.  You can even point and click with yer mousie thing...

Dan