Thanks to the great howto at
http://myezserver.com/downloads/mitel/contrib/freeswan-0.4/freeswan-howto.htmlI now have a working IPSec network-to-network VPN across half a continent. Yippee! It was a struggle -- had to have Internet provider at one end change static IP setup, get them to accept a SME box in place of the Linksys router they'd provided ... but most of all, correctly set up all values for internal/external IPs & gateways. Amazing what one tiny error will do.
Anyway, the main reason the client wanted this was so everyone on the WAN could access a SCO Unix application ... which unfortunately didn't respond to requests from the far side of the VPN link ... until I learned more about SCO than I ever wanted to and delved into the mysteries of the "route add" command. Problem solved.
Now, if I could just get NetBIOS & network shares working for the 9x workstations ... *sigh*
Oh well, that's a problem for another day. So for those of you who want to do this ... static IPs at both ends with no funky NATing by the ISP and be careful setting up the local networks and the VPN entries. When you can ping across the link you have a working IPSec VPN ... but that might be just the battle, not the war. Good luck to all! And thanks to those of you who wrote with assistance.
0 Replies
468 Views