Third party VPN Client software with Brick

FranzM
Member
Posts: 36
Joined: 15 Apr 2009 06:20

Third party VPN Client software with Brick

Post by FranzM » 10 Aug 2010 09:52

Hi

Since Alcatel announced Brick "End of Sales", it won't publish new version of IPSec Client which could run on Windows 7. However, from Alcatel I got response that there is third party VPN CLient, called Shrew (http://www.shrew.net/, its free), that works on Windows 7 and can work with brick.
I tried to set up a VPN connection using this client, but I couldn't. It's far more complex then Alcatel client.
Has anyone of you ever tried it?

Thanks in advance
Franz

User avatar
philetaylor
Member
Posts: 2
Joined: 08 Sep 2010 08:36

Post by philetaylor » 08 Sep 2010 08:40

Hi,

Did you get anywhere with this? I manage about 15 bricks (most of them since about 1997!!) and now many PC manufacturers ars stopping Windows XP, we are getting more and more requests for a Windows 7 client.

I have managed to get the Shrew client to connect but it isn't passing any traffic so i'm not sure if I have got farther that you or not ??

Thanks

Phil

FranzM
Member
Posts: 36
Joined: 15 Apr 2009 06:20

Post by FranzM » 13 Sep 2010 16:58

Hi

No, I didn't get even as far as you, I didn't even make shrew to connect. Can you please tell me how you set up your shrew connection?

Regards
FranzM

FranzM
Member
Posts: 36
Joined: 15 Apr 2009 06:20

Post by FranzM » 24 Sep 2010 10:33

Hi

I was able to connect using Shrew, but no traffic is coming trough so I think I'm in the same place you are. I tried to put remote networks manually in Shrew policy tab but this didn't changed anything.

Regards
FranzM

FranzM
Member
Posts: 36
Joined: 15 Apr 2009 06:20

Post by FranzM » 28 Sep 2010 09:32

OK, I got it. I was able to connect using Shrew client and ping hosts on the other side. Remote Desktop also works good.
Main problem was Alcatel IP Sec Client. It is the best to uninstall it, or at least bring down all services with "lucent" in their name. Normally even when Alcatel client is off, they are working normally and cause problems.
Also, you need to put remote networks manually in policy tab.

Regards
FranzM

User avatar
philetaylor
Member
Posts: 2
Joined: 08 Sep 2010 08:36

Post by philetaylor » 28 Sep 2010 09:39

Sorry I missed your original message.... You have got further than me now!

Would it be possible for you to post your settings?

Cheers

Phil

FranzM
Member
Posts: 36
Joined: 15 Apr 2009 06:20

Post by FranzM » 29 Sep 2010 09:40

Sure

General Tab:
- IP: xx.xx.xx.xx
- port: 500
- auto configuration: IKE confoig pull
- use a virtual adapter and assigned address
- mtu: 1380
- obtain automiaticly: checked

Client Tab:
- NAT Traversal: enable
- NAT Traversal port: 4500
- Keep alive: 15 sec
- IKE fragmentation: enable
- Max packet size: 540
- Other options: all checked

Name Resolution Tab:
- All options checked

Authentication Tab:
Method: Mutual PSK + XAuth

Local Identity:
Identification Type: Key Identifier
Key ID String: Here you need to put same value as in Group ID field in IKEv1 tab in Client Tunnel Endpoint menu in Brick.

Remote Identity:
Identification Type: IP Address
Usa a discovered remote host address: checked

Creditentials:
Pre Shared Key: XXXXXXXXXX

Phase 1 Tab:
Exchange type: aggresive
DH exchange: group 1
Cipher algoritm: auto
Hash algoritm: auto
Key life time limit: 86400
Key life data limit: 0

Phase 2 Tab:
Transform algoritm: auto
HMAC algoritm: auto
PFS Exchange: disabled
Compress algoritm: disabled
Key life time limit: 3600
Key life data limit: 0

Policy Tab:
No option checked
You need to put here all remote networks to which you want to have access.


Regards
FranzM

User avatar
michael
Member
Posts: 2
Joined: 28 Dec 2009 01:54

Post by michael » 10 Nov 2010 22:22

Do we need to have local presence to be set for the VPN Client to work?

FranzM
Member
Posts: 36
Joined: 15 Apr 2009 06:20

Post by FranzM » 24 Nov 2010 09:13

No, at least in my case it wasn't necessary.

User avatar
Rafu555
Member
Posts: 6
Joined: 17 Sep 2010 05:24
Location: Monaco

Re: Third party VPN Client software with Brick

Post by Rafu555 » 30 Nov 2010 03:36

Hi,

just a post to report my experiment of the shrew software.
When you use the shrew vpn client software , you don't have to use in the same time the alcatel vpn client with an another user for exemple. It will make the brick panic !
the only way after is to reboot the brick otherwise no more VPN connections are possible !

Keep this in mind , i've get troubles with it !

Post Reply

Return to “Brick VPN Firewall”