• VMware

    Learn about VMware virtualization for its products like vsphere ESX and ESXi, vCenter Server, VMware View, VMware P2V and many more

  • Linux

    Step by step configuration tutorials for many of the Linux services like DNS, DHCP, FTP, Samba4 etc including many tips and tricks in Red Hat Linux.

  • Database

    Learn installation and configuration of databases like Oracle, My SQL, Postgresql, etc including many other related tutorials in Linux.

  • Life always offers you a second chance ... Its called tomorrow !!!

    Friday, January 04, 2013

    Configure a VPN tunnel between Linux and Windows XP

    In this post I would be showin you the steps needed to create a tunnel between Linux and Windows XP for safe data transmission with proper data encapsulation. We will be using Openswan on the Linux server and IPsec on the Windows XP to do so.


    Linux side configuration

    Make sure you have openswan package installed on your machine. I will be using Redhat 6.2 so the commands I am using might vary as per other distros.

    Install the required package using yum
    # yum -y install openswan
    # vi /etc/ipsec.conf

     version 2.0     # conforms to second version of ipsec.conf specification

    # basic configuration
     config setup
            # Debug-logging controls:  "none" for (almost) none, "all" for lots.
            # klipsdebug=none
            # plutodebug="control parsing"
            # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
            protostack=netkey
            nat_traversal=yes
            virtual_private=
            oe=off
            # Enable this if you see "failed to find any available worker"
            # nhelpers=0
            interfaces=%defaultroute

            klipsdebug=none
            plutodebug=none
            overridemtu=1410

    conn %default
            keyingtries=1

    conn sample
            right=%any
            left=%defaultroute
            authby=secret
            auto=add
            keylife=24h
            rekey=no
            keyingtries=0
            pfs=no

    conn packetdefault
            auto=ignore

    conn private-or-clear
            auto=ignore

    Now you need to define the preshared key which will be used for authentication
    # vi /etc/ipsec.secrets
    : PSK "
    secretkey"

    # service ipsec start

    Windows XP side configuration

    Open the "run" prompt and launch "mmc console"











    Now go to File and click on "Add/Remove Snap-in"












    Now add "IP Security Policies on Local Computer"



















    Create a new IP security policy








    Mention the preshared key as provided in ip.secrets on the linux server

















    Then you can click on Next and Finish the wizard.
    Now edit the properties of this policy. Click on "Filter Action" on the tab menu and add a new custom action





































    Then you can finish the wizard and select this filter action for the IPsec policy.
    Now edit the Filter properties. (Here 192.168.0.138 is my Linux server IP)





















    Similarly create another IP Filter rule with the name "Linux to WinXP" and add the custom Filter action to this filter rule. The only thing you need to change is the filter properties.





















    Thats all, Now you can save and close the wizard. Right click the IP security rule you created and click on "Assign".













    Now try to ping your server IP on the cmd prompt






    0 comments:

    Post a Comment