Linode Forum :: Lost with vpn config

Linode Forum https://forum.linode.com/

Lost with vpn config https://forum.linode.com/viewtopic.php?f=19&t=11838	Page 1 of 1

Author:	RodneyMcKay [ Sun May 17, 2015 6:14 pm ]
Post subject:	Lost with vpn config
I've been trying to setup a vpn connection from my home PFSense to my Linode for a while now. I've come a long way and read a lot of things. I feel like I should be very close, but I've never configured StrongSwan before. What I want is to setup my linode to appear as another host on my lan, so that I can route certain services over the encrypted VPN connection. I'm looking for something like ftp/smb/nfs. Probably SMB as I develop on Windows. After completing a multistage in place upgrade from Ubuntu 12.x 32bit to 14.04 64bit upgrade, I've been trying to follow this article http://rmdavidson.blogspot.com/2011/01/linux-strongswan-vpn-to-cisco-router.html but having a hard time understanding how any of it works as I can't get anything to connect to show in logs. I'm pretty sure I'm looking to replicate at least a portion of the bdi-nas connection, as all I want is the specific traffic for the target network on the vpn. I don't want to tunnel all my traffic either way, which is unfortunately just about all I can find for other documentation, nothing talks about split-tunnel. I have active IPSec connections from home to two separate remote offices with site to site, 1 running a PFSense firewall and one a Cisco ASA. So I know I'm not having a filtering/firewall problem. I'm feeling lost at this point. I've wiped my config on both ends a few times and am just having a hard time with StrongSwan, OpenSwan didn't do any better, and I just hit a wall looking into OpenVPN. Suggestions, examples, alternatives would all be welcome. This is my first site to single public host, and I think I'm getting stuck with something at this part. Is site-to-host much different than site-to-site? What magic does StrongSwan do? Do I need a dummy interface?

Author:

ken-ji [ Sun May 17, 2015 7:38 pm ]

Post subject:

Re: Lost with vpn config

I use this connection from my home vpn server to my Linode. the Linode shows up as subnet 192.168.3.1/24 which the vpn server routes for the rest of the home lan

Code:

conn slackbox
        auto=route
        left=192.168.2.6
        leftcert=vpn.pem
        leftid="CN=vpn.way-of-the-blade.com"
        leftsubnet=192.168.2.6/24
        leftsourceip=192.168.2.6
        leftauth=pubkey
        mobike = yes
        right=192.81.129.220
        rightcert=slackbox.pem
        rightid="CN=slackbox.way-of-the-blade.com"
        rightsubnet=192.168.3.1/24
        rightauth=pubkey
        dpdaction=restart
        ike=aes256-sha1-modp2048

On the Linode end:

Code:

conn stnino
        auto=route
        leftcert=slackbox.pem
        leftid="CN=slackbox.way-of-the-blade.com"
        leftsubnet=192.168.3.1/24
        leftsourceip=192.168.3.1
        leftfirewall=no
        leftauth=pubkey
        mobike=yes
        right=vpn.way-of-the-blade.com
        rightcert=vpn.pem
        rightid="CN=vpn.way-of-the-blade.com"
        rightsubnet=192.168.2.6/24
        rightsourceip=192.168.2.6
        rightauth=pubkey
        ike=aes256-sha1-modp2048

Page 1 of 1	All times are UTC-04:00
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/