Changes

From Amahi Wiki
Jump to: navigation, search

IPsec VPN (view source)

Revision as of 10:30, 13 June 2017

346 bytes added ,  10:30, 13 June 2017
no edit summary
{{NeedsUpdate}}
We now have a new Amahi [http://www.amahi.org/apps/ipsec-vpn IPsec VPN app] for your HDA!
We now have a new [http://www.amahi.org/apps/ipsec-vpn IPsec VPN] app for your HDA!= Introduction =
This VPN stack has many advantages, although it still requires two ports to be forwarded from your router to your HDA. These are
* [[IPSec VPN Mac OS X Client | Mac OS X]] built-in client
* [[IPSec VPN Android Client | Android]] built-in client, (ICS, i.e. 4.x or later)
 
The Android (2.x/3.x) OS is known to be broken with respect to [http://www.amahi.org/apps/ipsec-vpn IPSec VPN]. See [[IPSEC/L2TP_VPN_Server|here]] for a manual implementation that should work.
'''NOTE:''' By default, the VPN will only route traffic destined for your home network via the VPN. General web traffic etc, will *not* be encrypted. To change this behaviour so that all network traffic from your client is routed via your VPN, edit /etc/racoon/racoon.conf and remove the lines beginning "split_network" and "split_dns". The restart racoon.  = Changing the Secret and/or the Group Name =
Optionally, you can change the secret and/or group name.
service racoon restart
= Route All IPSEC VPN traffic through IPSEC VPN (Amahi 6/Ubuntu) =
After you install IPSEC VPN and configure your router and iPhone correctly, you may find that Twitter and Facebook are still blocked by some networks. Also searching for "what is my ip" via Google or your favorite search engine will report back that you are still on the local network.
2. Go to /etc/racoon.
{{Code| cd /etc/racoon}}
3. Back up the original racoon.conf in case things break.<br />
{{Code| cp racoon.conf racoon.conf.orig}}
4. As root user, open racoon.conf with your favorite editor.
{{Code| sudo nano racoon.conf}}
5. Go to the line with "mode_cfg".
{{Code| <pre>mode_cfg {
auth_source system;
save_passwd on;
split_dns "home.com";
banner "/etc/racoon/welcome.txt";
}</pre>}}
6. Change split_network from "include" to "local_lan" and delete the 198.162.... range.
{{Code| <pre>mode_cfg {
~~
split_network local_lan 10.100.100.0/24; </pre> }}
7. Also change "split_dns" to the name that I changed home domain to...
{{Code| <pre>mode_cfg {
~~
split_dns "amahi3.com";</pre>}}
8. Save your work<br />
9. Restart the racoon server
{{Code| sudo service racoon restart }}
Or open up your HDA dashboard, click on settings->servers and restart the IPSEC server.
Searching for "what is my ip" via Google or your favorite search engine should now report your home VPN. You should then be able to use Twitter and Facebook through your VPN.
= Forwarding Route all traffic through the VPN (Fedora) =
iptables -t nat -D POSTROUTING -s ${INTERNAL_ADDR4}/32 -o em1 -j MASQUERADE
Finally go to <nowiki>http://hda</nowiki>->Setup->Settings->Servers and restart the IPsec VPN Server.
Cpg
Trusted, Bots, Bureaucrats, emailconfirmed, Administrators
4,146

edits

Retrieved from "https://wiki.amahi.org/index.php/Special:MobileDiff/83810...108626"