Configure VPN with Fedora
Please follow the steps below to establish a VPN connection.
*** The following instructions are for the ClassNet and ResNet networks only; connections from a public ISP may not be supported.
1. Download racoon, ppp, dhcp-client, ipsec-tools and xl2tpd to a computer that has Internet access, then transfer them to your computer running Debian by clicking the URL.
2. Double-click the downloaded package; you will be reminded that the client can also be downloaded through the yum channel.
Then click Close.
3. Click Install Package to install racoon, ipsec-tools, ppp, dhcp-client and xl2tpd.
4. Type your computer’s root account password, and then click OK.
5. Click Apply to continue the installation.
6. Click Install anyway to continue the installation.
7. Click OK to finish the package installation.
8. Repeat step 2 to step for installing the other packages, except the racoon and ipsec-tools packages.
9. You should select “direct” and press Enter to continue the installation of the racoon and ipsec-tools packages.
II. Configure the corresponding configuration file
1. Edit the configuration of the installed packages using any text editor (e.g. vi, vim, gedit).
I. Edit the racoon.conf file
Enter the command:
And then copy and paste the code like the picture shown below for the racoon configuration file.
The configuration of racoon.conf should be:
II. Edit the Pre-Shared Key file
The first one is the server’s IP and the second one is the pre-shared key. For the ResNet VPN, the setting should be:
Enter the command:
You can copy and paste all the code below into the psk file.
III. Edit the configuration of l2tpd (for Ubuntu 7.10) or xl2tpd (for Ubuntu 8.04)
Enter the command according to your Ubuntu version:
IV. Edit the pap secrets file according to the nature of the VPN connection
Enter the command:
s0123456 vpn.cuhk.edu.hk yourpassword
V. Edit the option file
Enter the command:
1. Download the script connect.sh from here and save the file to the corresponding location.
2. In the terminal, change to the directory where connect.sh is located and type the command below to execute the script file. You need to execute it every time you connect to the VPN.
3. You can check whether your connection is going through the VPN by using the “ifconfig” command. If you can see the ppp0 connection, your connection is going through the VPN.
4. To disconnect, enter the following command:
echo "d" > /var/run/xl2tpd/l2tp-control
Please go through the steps in I and II. Then, you are required to make the following amendments.
1. Adding static route
First you have to identify the IP address of your ISP’s default gateway and of the broadband VPN server you are connecting to.
For ADSL-based broadband:
/sbin/route add -host vpn.server.ip.address ppp0 (adding both broadband VPN server IP addresses is OK)
/sbin/route add default ppp1
For ethernet-based broadband:
/sbin/route add -host vpn.server.ip.address gw isp.default.gateway.ip (adding both broadband VPN server IP addresses is OK)
/sbin/route add default ppp0
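The routing layout described above can be checked after connecting. The following is an added example, not part of the original instructions: it parses `route -n` output and confirms that the default route is on the tunnel interface while a host route to the VPN server stays off it. The function name, status codes and sample addresses (documentation ranges) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Reads `route -n` output on stdin.
# $1 = VPN server IP, $2 = tunnel interface; both are caller-supplied assumptions.
# Returns 0 = layout matches, 1 = default route not solely on the tunnel,
#         2 = no host route to the VPN server outside the tunnel.
check_vpn_routes() {
    awk -v server="$1" -v tun="$2" '
        # Data rows have 8 columns and a dotted IPv4 destination.
        NF == 8 && $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            if ($1 == "0.0.0.0" && $3 == "0.0.0.0") {
                if ($8 == tun) tun_default = 1
                else other_default = 1   # conservative: any other default fails
            }
            # Packets carrying the tunnel itself must leave via another link.
            if ($1 == server && $3 == "255.255.255.255" && $8 != tun)
                host_route = 1
        }
        END {
            if (!tun_default || other_default) exit 1
            if (!host_route) exit 2
        }'
}

HDR='Destination     Gateway         Genmask         Flags Metric Ref    Use Iface'
# Constructed samples (documentation address ranges, not real servers).
ROUTES_OK="$HDR
203.0.113.10    192.0.2.1       255.255.255.255 UGH   0      0        0 eth0
192.0.2.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0"
ROUTES_ADSL="$HDR
203.0.113.10    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp1"
ROUTES_NO_TUNNEL="$HDR
192.0.2.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         192.0.2.1       0.0.0.0         UG    0      0        0 eth0"
ROUTES_NO_HOST="$HDR
192.0.2.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0"

# On a live system: route -n | check_vpn_routes vpn.server.ip.address ppp0
for table in "$ROUTES_OK" "$ROUTES_NO_TUNNEL" "$ROUTES_NO_HOST"; do
    rc=0
    printf '%s\n' "$table" | check_vpn_routes 203.0.113.10 ppp0 || rc=$?
    echo "status $rc"
done
```

For the ADSL-based layout, pass ppp1 as the tunnel interface, since the host route there sits on ppp0.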
2. Modification of connect.sh
- remove the dhclient
- change the ipsec encryption commands to use your local IP address, as in the following:
echo -e spdadd yourIPaddress/32\[1701\] 0.0.0.0\/0\[0\] any \-P out ipsec esp\/transport\/\/require\; |
3. For DNS server
If you can connect by IP but can’t resolve DNS, you need to add the CUHK DNS servers to resolv.conf.