Hello everyone,
I am trying to set up a VPN connection to my server for the connection of my iPhone. OpenVPN is running perfectly and so my laptop is already securely connected. Unfortunately, OpenVPN is not supported on the iPhone.
The setup is as follows:
WAN IP: 84.27.xxx.xxx (also linked to a domain name)
Router IP: 192.168.178.1
Server IP: 192.168.178.99
iPhone IP: %any
Allowed users should be system users and I want a secret key.
I have been reading all sorts of tutorials and I do come up with installing openswan/ipsec.
my /etc/ipsec.conf
my ipsec verify
and my /etc/ppp/chap-secrets
Unfortunately my iPhone won't play with it. What am I doing wrong?
Code:
version 2.0

config setup
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    oe=off
    protostack=netkey

conn L2TP-PSK-NAT
    rightsubnet=vhost:%priv
    also=L2TP-PSK-noNAT

conn L2TP-PSK-noNAT
    authby=secret
    pfs=no
    auto=add
    keyingtries=3
    rekey=no
    ikelifetime=8h
    keylife=1h
    type=transport
    left=192.168.178.99
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any
Code:
[root@server ~]# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.6.37/K3.3.5-2.fc16.x86_64 (netkey)
Checking for IPsec support in kernel [OK]
SAref kernel support [N/A]
NETKEY: Testing XFRM related proc values [OK]
[OK]
[OK]
Checking that pluto is running [OK]
Pluto listening for IKE on udp 500 [OK]
Pluto listening for NAT-T on udp 4500 [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking /bin/sh is not /bin/dash [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
[root@server ~]#
Code:
# Secrets for authentication using CHAP
# client server secret IP addresses
username * mysecretkey *