On Tue, 19 May 2009 22:08:10 +0100 Mick <michaelkintz...@gmail.com> wrote:
> On Tuesday 19 May 2009, Michael Higgins wrote:
> > On Tue, 19 May 2009 13:57:21 -0500
> >
> > Paul Hartman <paul.hartman+gen...@gmail.com> wrote:
> > > Based on a brief googling I didn't see anyone who has a working
> > > connection to a Checkpoint VPN.
> >
> > Thanks, Paul. I've already the "solution", as I'm not so much
> > trying to get something accomplished (access machines "inside"
> > which I can do just fine with SSH tunnel), as to figure out why we
> > have these various, related, open source software packages
> > available but no basic client-to-corporate "real-world"
> > implementations specifically outlined for the Gentoo community --
> > that I can find. :(
[...]
> > Or, should I instead, just go outside and play? I thought someone
> > else here had hoped to make something like this work... ;-)
>
> I very much share your frustration. On and off (OK, mostly off) I
> have been trying to get a VPN connection to my router going, and have
> tried vpnc, kvpn and racoon all of which failed. Meanwhile, a friend
> tried the shrew VPN client and succeeded after a couple of hours of
> tweaking his Vista box! Arrrgh!

Yeah, I have no problem to get to "working", with XP on VMWare.

Naturally, I haven't given up. Seems like it's nearly there... also,
there are some examples and docs installed.

>
> I assume that I have all the right components installed (judging from
> the wiki pages)

Wiki pages? Hmm. Which ones?

> but I am not sure about my configuration. Unlike
> your set up which seems to be almost there, mine won't even complete
> stage 1 handshake. Very, very, very frustrating ...

Well, racoon now claims it has started the connexion. It could have
been as trivial as a trailing ' ' on my pre-shared secret. Or not...

Either way, it's still not working... just a bit closer.

racoonctl vc pub.vpn.ip.add
VPN connexion established

And still nothing useful happens.

ping -c 1 192.168.243.140
PING 192.168.243.140 (192.168.243.140) 56(84) bytes of data.

--- 192.168.243.140 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

And tons of debug info. Well, it's more than I had, but less than
useful.

>
> Sorry that I can't be of much help with this. :(

No worries. It seems like this really *should* be possible, though.
I'll try to post my findings if I get it working.

DEBUG: pfkey UPDATE succeeded: ESP/Tunnel pub.vpn.ip.add[0]->192.168.1.100[0] spi=53896550(0x3366566)
May 19 16:00:21 lappy racoon: INFO: IPsec-SA established: ESP/Tunnel 198.145.243.130[0]->192.168.1.100[0] spi=53896550(0x3366566)
May 19 16:00:21 lappy racoon: phase2(quick): 0.337284
May 19 16:00:21 lappy racoon: DEBUG: ===
May 19 16:00:21 lappy racoon: DEBUG: pk_recv: retry[0] recv()
May 19 16:00:21 lappy racoon: DEBUG: get pfkey ADD message
May 19 16:00:21 lappy racoon: INFO: IPsec-SA established: ESP/Tunnel 192.168.1.100[4500]->pub.vpn.ip.add[4500] spi=1021286747(0x3cdf995b)

Not much showing for the failure to communicate, though. :(

Cheers,

-- 
 |\  /|        |   |          ~ ~
 | \/ |        |---|          `|` ?
 |    |ichael  |   |iggins    \^ /
 michael.higgins[at]evolone[dot]org