Active Topics
-
Extra softwares in Sailfish using CLI, repositories, etc (117)
to SailfishOS by nieldk - 1 day, 1 hr ago -
Firefox with Leste (6)
to Maemo 7 / Leste by teroyk - 1 day, 22 hrs ago - more...
| The Following User Says Thank You to imagomundi For This Useful Post: | ||
 |
|
2012-08-30
, 09:50
|
|
Posts: 122 |
Thanked: 135 times |
Joined on Dec 2009
@ Helsinki
|
#32
|
Originally Posted by imagomundi
Well, If you're not in hurry this speed is OK to me -- and I think we
Thx for the flowers
I don't have an Android device at hand for a few weeks. Maybe it is possible you have a look at it yourself? The user in the IPPhone-Forum said that he used a vpnc client downloaded from android market which he altered in the way I described before.
Unfortunately my local time is 7,5 hrs. behind Helsinki - so I can only answer when it is midnight or even later in Helsinki and it will always take two full days to post and answer. I try to speed this up a little answering from my office's PC.
don't need too many iterations to solve this...
Originally Posted by imagomundi
It might be that is server is not interested on any id then this
I would guess one or the other problem and therefore ask:
1. What is the IPSec ID? I never saw such a data in none of my working NOKIA (Symbian) vpn clients and I do not see it in the vpn server's (FRITZBox) configuration either.
can be empty...
Originally Posted by imagomundi
I'm lazy to check out atm. If everything else fails then let's look this
2. Is "IKE DH Group dh2" identical with "GROUP_DESCRIPTION_II: MODP_1024" or/and "GROUP_DESCRIPTION: MODP_1024" as in the working Nokia vpn client's configuration?
I will post the 701's vpn client config later
option further...
Originally Posted by imagomundi
Frankly I don't know what this is. Maybe some microsoft thing :O -- In
3. "Domain" is the DDNS domain of the gateway? If my gateway is "My.dyndns.org" the domain is "dyndns.org"?
my config that is empty.
Originally Posted by imagomundi
No idea. My vpn[c] user name is just plain login name.
Finally: I read somewhere that the use of @ is not allowed in a vpnc user name? False or true?
---
Anyway, I'll compile a vpnc binary where
IKE_ATTRIB_LIFE_DURATION = 3600 (instead of 2147483)
and draft-ietf-ipsec-nat-t-ike-03 code is patched in place
of draft-ietf-ipsec-nat-t-ike-02. Whenever I get it done
I put it avalable somewhere -- let's hope that is enough
to solve this issue.
| The Following User Says Thank You to too For This Useful Post: | ||
|
|
2012-08-30
, 10:41
|
|
Posts: 13 |
Thanked: 8 times |
Joined on Jun 2012
|
#33
|
Originally Posted by too
Anyway, I'll compile a vpnc binary where
IKE_ATTRIB_LIFE_DURATION = 3600 (instead of 2147483)
and draft-ietf-ipsec-nat-t-ike-03 code is patched in place
of draft-ietf-ipsec-nat-t-ike-02. Whenever I get it done
I put it avalable somewhere -- let's hope that is enough
to solve this issue.
Thx - and please let me (us) know about this "somewhere".
|
|
2012-08-30
, 11:56
|
|
Posts: 122 |
Thanked: 135 times |
Joined on Dec 2009
@ Helsinki
|
#34
|
I applied a patch that adds natt 03 and lifetime negotiations (I think)
(vpnc-fritzbox.patch from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629646 , modified to apply on 0.5.3)
get
http://www.guru-group.fi/~too/tmp/vp....548_armel.deb
and try to see whe whether this works.
Tomi
(vpnc-fritzbox.patch from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629646 , modified to apply on 0.5.3)
get
http://www.guru-group.fi/~too/tmp/vp....548_armel.deb
and try to see whe whether this works.
Tomi
| The Following 2 Users Say Thank You to too For This Useful Post: | ||
|
|
2012-08-30
, 18:36
|
|
Posts: 13 |
Thanked: 8 times |
Joined on Jun 2012
|
#35
|
YES - IT WORKS! (with my FRITZBox 7390)
THANK YOU SOOO MUCH, Tomi, MUCHAS GRACIAS - you are my personal N9 hero - and surely the one of many other N9 users, too. Till today I always travelled with my N9 and additionally my 701 only for VPN reasons. From today on the N9 will travel alone.
EDIT: it WORKED the whole afternoon and now I'm getting again (different) error messages - I will try first to sort out possible errors on my server config and if necessary come back here
Last edited by imagomundi; 2012-08-31 at 05:13.
THANK YOU SOOO MUCH, Tomi, MUCHAS GRACIAS - you are my personal N9 hero - and surely the one of many other N9 users, too. Till today I always travelled with my N9 and additionally my 701 only for VPN reasons. From today on the N9 will travel alone.
EDIT: it WORKED the whole afternoon and now I'm getting again (different) error messages - I will try first to sort out possible errors on my server config and if necessary come back here
Last edited by imagomundi; 2012-08-31 at 05:13.
| The Following User Says Thank You to imagomundi For This Useful Post: | ||
|
|
2012-08-31
, 20:38
|
|
Posts: 509 |
Thanked: 626 times |
Joined on Jul 2012
@ Mexico/Germany
|
#36
|
Hy Imagomundi,
how is your configurationfile? Like you described before here or you made some changes?
how is your configurationfile? Like you described before here or you made some changes?
|
|
2012-09-01
, 03:38
|
|
Posts: 13 |
Thanked: 8 times |
Joined on Jun 2012
|
#37
|
VPN on my N9 is working again on my FRITZBox 7390 as it should with this configuration:
Thanks once more to TOMI
Last edited by imagomundi; 2012-09-01 at 10:55.
Code:
enabled = yes;
conn_type = conntype_user;
name = "name@name";
always_renew = no;
reject_not_encrypted = no;
dont_filter_netbios = yes;
localip = 0.0.0.0;
local_virtualip = 0.0.0.0;
remoteip = 0.0.0.0;
remote_virtualip = 192.168.174.202;
remoteid {
key_id = "name@name";
}
mode = phase1_mode_aggressive;
phase1ss = "all/all/all";
keytype = connkeytype_pre_shared;
key = "keykeykeykey";
cert_do_server_auth = no;
use_nat_t = yes;
use_xauth = yes;
xauth {
valid = yes;
username = "name@name";
passwd = "passwordpassword";
}
use_cfgmode = yes;
phase2localid {
ipnet {
ipaddr = 0.0.0.0;
mask = 0.0.0.0;
}
}
phase2remoteid {
ipaddr = 192.168.174.202;
}
phase2ss = "esp-all-all/ah-all/comp-all/no-pfs";
accesslist =
"permit ip 192.168.174.0 255.255.255.0 192.168.174.202 255.255.255.255",
"permit ip any 192.168.174.202 255.255.255.255";
VPN9C :
Gateway: mein.dyndns.org
Group Name: name@name
Group Pwd: keykeykeykey
Username: name@name
Password: passwordpassword
Last edited by imagomundi; 2012-09-01 at 10:55.
|
|
2012-09-03
, 12:22
|
|
Posts: 122 |
Thanked: 135 times |
Joined on Dec 2009
@ Helsinki
|
#38
|
Great that this works for imagomundi now.
New version now available at
https://www.nixuopen.org/projects/too/vpn9c/
New version now available at
https://www.nixuopen.org/projects/too/vpn9c/
|
|
2012-09-06
, 03:19
|
|
Posts: 8 |
Thanked: 1 time |
Joined on Nov 2011
|
#39
|
Is it possible to add PPTP support?
|
|
2012-09-07
, 13:11
|
|
Posts: 122 |
Thanked: 135 times |
Joined on Dec 2009
@ Helsinki
|
#40
|
Originally Posted by sammyl
Unfortunately the "built-in" vpnc software does not have any
Is it possible to add PPTP support?
reference to pptp, so it is not just a configuration issue.
If someone(tm) provides an user-space software capable of
pptp communication and configuration examples then the
vpn9c gui could be adjusted to use that -- in a new package.
Unfortunately my local time is 7,5 hrs. behind Helsinki - so I can only answer when it is midnight or even later in Helsinki and it will always take two full days to post and answer. I try to speed this up a little answering from my office's PC.
I would guess one or the other problem and therefore ask:
1. What is the IPSec ID? I never saw such a data in none of my working NOKIA (Symbian) vpn clients and I do not see it in the vpn server's (FRITZBox) configuration either.
2. Is "IKE DH Group dh2" identical with "GROUP_DESCRIPTION_II: MODP_1024" or/and "GROUP_DESCRIPTION: MODP_1024" as in the working Nokia vpn client's configuration?
I will post the 701's vpn client config later
3. "Domain" is the DDNS domain of the gateway? If my gateway is "My.dyndns.org" the domain is "dyndns.org"?
Finally: I read somewhere that the use of @ is not allowed in a vpnc user name? False or true?
Last edited by imagomundi; 2012-08-29 at 17:48.