OK, I promised this a long time ago, but things have been more than a little busy around here.
My configuration lets any host at my house access any host at the office, but only lets the PC on my desk at the office access hosts at my house. I downloaded a program called "Tray Ping" that runs in the system tray. I run it on my home PC, and I configured it to ping my office PC every 119 seconds. This keeps the VPN active continuously. I found "Tray Ping" either on Tucows or on ZDNet, I forget which. Any utility that lets you schedule pings at an interval will work. If you have a UNIX or UNIX-like system at home, you can easily use cron to schedule a ping every minute. I also have an Excel spreadsheet that generates HEX and ASCII random 64 bit keys (you can make longer keys by running it more than once). If anyone thinks this would be useful, they can get a copy from my website: http://mwburden.home.attbi.com/MakeKey.xls (On the REALLY off chance that anyone is interested, my homepage is http://mwburden.home.attbi.com. It's mostly there as a place to show some photos). Note that the random HEX string and the random ASCII string generated by this spreadsheet are NOT equivalent. ---------- HOME ------------ VPNs 1 #Dynamic VPN to Lynk Key exchange: IKE VPN object: IKE Identity: [Fake email address] Pre-Shared Secret: HEX [Big long string of hex characters] Remote network: [Lynk LAN] Remote gateway: [Lynk EXT] VPN Objects 1 #DEFAULT: IKE VPNs Name: IKE Authentication required: no Gateway: EXTERNAL Force mobile protocol: yes Local network: Protected Networks Phase 1: main 3des hmac-sha1 group 2 Phase 2: aes hmac-sha1 group 2 IP Pass Through Filters 1 #Allow MIKEBNT to access to everything Accept information ANY ALL from [PC on my Desk at the Office] to ANY_IP 2 #DEFAULT: VPN, allow outbound (VPN to Lynk). Accept information "PROTECTED" ALL from ANY_IP to [Lynk LAN] 3 #DEFAULT: VPN, deny inbound (VPN to Lynk). Deny notice "EXTERNAL" ALL from [Lynk LAN] to ANY_IP ---------- OFFICE ------------ Users Mike Burden Description: Dynamic VPN to Mike's House Identity: [Fake email address] Auth method: HEX [Big long string of hex characters] VPN object: IKEDYNAMIC Remote network: [LAN at my House] VPN Objects #GB Dynamic VPN Name: IKEDYNAMIC Authentication required: no Gateway: EXTERNAL Force mobile protocol: yes Local network: Protected Networks Phase 1: main 3des hmac-sha1 group 2 Phase 2: aes hmac-sha1 group 2 Remote Access Filters #DEFAULT: VPN: Allow access to IKE from mobile clients. Accept information ANY UDP from ANY_IP 500 to ANY_IP 500 #DEFAULT: VPN: Allow ESP connections from mobile clients. Accept information ANY 50 from ANY_IP to ANY_IP IP Pass Through Filters 1 #Dynamic VPN, allow inbound. Accept information "EXTERNAL" ALL from [LAN at My House] to [Lynk LAN] 2 #Dynamic VPN, allow outbound. Accept information "PROTECTED" ALL from [Lynk LAN] to VPNMOBILE 3 #Dynamic VPN, allow outbound. Accept information "PSN" ALL from [Lynk LAN] to [LAN at My House] Mike Burden Lynk Systems http://www.lynk.com (616)532-4985 [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/gb-users@;gta.com
