Linux : IPSec and VPNC
Background
Sometimes, you have to connect to old IPSec VPN sites. But unfortunately, latest modern Linux distributions are dropping connectivity after around 24 minutes without any valid understandable reason. It was the case for me with Fedora 25. I've made some researches all over the web without finding a solution until ...
IPSec is very old but still works !
To solve this issue, there is actually 2 specific actions to do :
- edit the /etc/vpnc/default.conf
- start vpnc with --enable-1des
# cat /etc/vpnc/default.conf
IPSec gateway 217.xx.77.xx
IPSec ID XXXXXXXXXXXXXXXXXX
IPSec secret XXXXXXXXXXXXXXXXXXXXX
# your username goes here:
Xauth username XXXXXXXXXXXXXXXXXXX
Xauth password XXXXXXXXXXXXXXXXXXX
IKE Authmode psk
DPD idle timeout (our side) 0
IKE DH Group dh1
IPSec gateway 217.xx.77.xx
IPSec ID XXXXXXXXXXXXXXXXXX
IPSec secret XXXXXXXXXXXXXXXXXXXXX
# your username goes here:
Xauth username XXXXXXXXXXXXXXXXXXX
Xauth password XXXXXXXXXXXXXXXXXXX
IKE Authmode psk
DPD idle timeout (our side) 0
IKE DH Group dh1
Then, call vpnc with the relevant parameter
# vpnc default.conf --enable-1des
Then you are connected for more than 24 minutes !
I really hope this trick will help others.
Nowadays, SSL VPN is the norm but some IPSec environments still exists.
Comments
Post a Comment
Thank you for your message, it has been sent to the moderator for review...