During VPN troubleshooting your Mac is not able to access the internet (VPN does not work (yet) and BLUE access also does not work without changes, see Setup BLUE). It is very helpful to have a computer which can permanently access the internet.
Try to find the mismatch between the two VPN configurations and your network configuration. On IPcop look for the name of your VPN connection (in the configuration above "iBook"). To see a continuous output of your log during VPN setup on your IPCop box execute In IPSecuritas you do it in the Preferences. The most important debugging help are the logs on IPCop (/var/log/messages) and on the Mac (/var/log/racoon.log) or the Log in IPSecuritas. At the end I have given some links which I found useful in debugging my setup. You need now to learn about IPSec, probably about both the OpenSwan implementation on IPCop and KAME on OS X. In case the above instructions lead not to a working VPN connection and you can not ping the green network then you need to start with: Troubleshooting Test VPNĪfter the VPN is setup successfully you should be able to ping BLUE, internet (RED), GREEN and the green network but not the WLAN AP (is now 'inside' the VPN). And Troubleshooting (see below) will cost you a LOT of time. One '2' mistyped by a '1' can break everything. If you have a problem check your network, your IP adresses, your configuration in IPCop and on your Mac. You should see after several IPSec up in the same window and then a green tick instead of the red cross. The last two lines in /var/log/racoon.log should mentionĪfter several seconds 'IPsec-SA established'. Sudo racoon -d -f /etc/racoon/nf -l /var/log/racoon.log Ĭonfigure your VPN connection with the following parameter: If you prefer a nice GUI get IPSecuritas from. # require traffic from $any to $my_addr be tunneled via $gateway # require traffic from $my_addr to $any be tunneled via $gateway
Proposal_check obey # obey, strict or claim # timer for waiting to complete each phase. Persend 1 # the number of packets per a send. Interval 20 sec # maximum interval to resend. # These value can be changed per remote node.Ĭounter 5 # maximum trying count to send. Randomize off # enable randomize length.Įxclusive_tail off # extract last one octet. Maximum_length 20 # maximum padding length. Path pre_shared_key "/etc/racoon/psk.txt" OS X Handmade (the CLI version)Ĭreate the following files but exchange the IP addresses with the IP adresses of your network: /etc/racoon/nf This key has of course to be exactly the same as in psk.txt (see below). Host-to-Net Virtual Private Network (RoadWarrior)Ī secret key can easily be generated on the Mac or the IPCop box with the command In the IPCop Web interface go to the VPN page and do the following configurations: VPN on BLUE The information that VPN and BLUE access are mutually exclusive (see ) I can not confirm. To flush the SAD and SPD entries and on your IPCop box you need to restart the VPN connection so that BLUE access works again. Remark: After having set up a VPN and coming back to BLUE access you need to stop the VPN on your Mac and execute It does not makes sense to proceed with the VPN setup if BLUE acess does not work! the internet (as described in ).Īfter BLUE access is set up you can ping the WLAN AP, BLUE, the internet (RED), GREEN but not the green network. That enables you to acess the IPCop box and the RED interface, i.e. BLUE Setupįirst set up BLUE access (see ). Replace my IP adresses in the instructions and configuration files below with the corresponding IP addresses of your network. Write down the network configuration for your network and make sure that your IP adresses are correct before you start with setting up the VPN. To set up a VPN between your IPCop 1.4 box and your Mac with OS X 10.2 (should probably also work on 10.3 and maybe other KAME based systems) and with a preshared key please follow the instructions below.ġ92.168.1.0/24-192.168.1.1-192.168.2.1-192.168.2.2-192.168.2.x
#Ipsecuritas remote identifier mac os x#
Keywords: VPN IPSec IPCop 1.4 Mac OS X 10.2 road warrior WLAN BLUE Openswan KAME racoon nf nf configuration setup howto Road warrior VPN connection between Mac OS X 10.2 and IPCop 1.4 via the Blue interface (WLAN) Helge Niedert, v1.1, 2 Road warrior VPN connection between Mac OS X 10.2 and IPCop 1.4 via the Blue interface (WLAN)