Hi
Since Alcatel announced Brick "End of Sales", it won't publish new version of IPSec Client which could run on Windows 7. However, from Alcatel I got response that there is third party VPN CLient, called Shrew (http://www.shrew.net/, its free), that works on Windows 7 and can work with brick.
I tried to set up a VPN connection using this client, but I couldn't. It's far more complex then Alcatel client.
Has anyone of you ever tried it?
Thanks in advance
Franz
Third party VPN Client software with Brick
-
philetaylor
- Member
- Posts: 2
- Joined: 08 Sep 2010 08:36
Hi,
Did you get anywhere with this? I manage about 15 bricks (most of them since about 1997!!) and now many PC manufacturers ars stopping Windows XP, we are getting more and more requests for a Windows 7 client.
I have managed to get the Shrew client to connect but it isn't passing any traffic so i'm not sure if I have got farther that you or not ??
Thanks
Phil
Did you get anywhere with this? I manage about 15 bricks (most of them since about 1997!!) and now many PC manufacturers ars stopping Windows XP, we are getting more and more requests for a Windows 7 client.
I have managed to get the Shrew client to connect but it isn't passing any traffic so i'm not sure if I have got farther that you or not ??
Thanks
Phil
OK, I got it. I was able to connect using Shrew client and ping hosts on the other side. Remote Desktop also works good.
Main problem was Alcatel IP Sec Client. It is the best to uninstall it, or at least bring down all services with "lucent" in their name. Normally even when Alcatel client is off, they are working normally and cause problems.
Also, you need to put remote networks manually in policy tab.
Regards
FranzM
Main problem was Alcatel IP Sec Client. It is the best to uninstall it, or at least bring down all services with "lucent" in their name. Normally even when Alcatel client is off, they are working normally and cause problems.
Also, you need to put remote networks manually in policy tab.
Regards
FranzM
-
philetaylor
- Member
- Posts: 2
- Joined: 08 Sep 2010 08:36
Sure
General Tab:
- IP: xx.xx.xx.xx
- port: 500
- auto configuration: IKE confoig pull
- use a virtual adapter and assigned address
- mtu: 1380
- obtain automiaticly: checked
Client Tab:
- NAT Traversal: enable
- NAT Traversal port: 4500
- Keep alive: 15 sec
- IKE fragmentation: enable
- Max packet size: 540
- Other options: all checked
Name Resolution Tab:
- All options checked
Authentication Tab:
Method: Mutual PSK + XAuth
Local Identity:
Identification Type: Key Identifier
Key ID String: Here you need to put same value as in Group ID field in IKEv1 tab in Client Tunnel Endpoint menu in Brick.
Remote Identity:
Identification Type: IP Address
Usa a discovered remote host address: checked
Creditentials:
Pre Shared Key: XXXXXXXXXX
Phase 1 Tab:
Exchange type: aggresive
DH exchange: group 1
Cipher algoritm: auto
Hash algoritm: auto
Key life time limit: 86400
Key life data limit: 0
Phase 2 Tab:
Transform algoritm: auto
HMAC algoritm: auto
PFS Exchange: disabled
Compress algoritm: disabled
Key life time limit: 3600
Key life data limit: 0
Policy Tab:
No option checked
You need to put here all remote networks to which you want to have access.
Regards
FranzM
General Tab:
- IP: xx.xx.xx.xx
- port: 500
- auto configuration: IKE confoig pull
- use a virtual adapter and assigned address
- mtu: 1380
- obtain automiaticly: checked
Client Tab:
- NAT Traversal: enable
- NAT Traversal port: 4500
- Keep alive: 15 sec
- IKE fragmentation: enable
- Max packet size: 540
- Other options: all checked
Name Resolution Tab:
- All options checked
Authentication Tab:
Method: Mutual PSK + XAuth
Local Identity:
Identification Type: Key Identifier
Key ID String: Here you need to put same value as in Group ID field in IKEv1 tab in Client Tunnel Endpoint menu in Brick.
Remote Identity:
Identification Type: IP Address
Usa a discovered remote host address: checked
Creditentials:
Pre Shared Key: XXXXXXXXXX
Phase 1 Tab:
Exchange type: aggresive
DH exchange: group 1
Cipher algoritm: auto
Hash algoritm: auto
Key life time limit: 86400
Key life data limit: 0
Phase 2 Tab:
Transform algoritm: auto
HMAC algoritm: auto
PFS Exchange: disabled
Compress algoritm: disabled
Key life time limit: 3600
Key life data limit: 0
Policy Tab:
No option checked
You need to put here all remote networks to which you want to have access.
Regards
FranzM
Re: Third party VPN Client software with Brick
Hi,
just a post to report my experiment of the shrew software.
When you use the shrew vpn client software , you don't have to use in the same time the alcatel vpn client with an another user for exemple. It will make the brick panic !
the only way after is to reboot the brick otherwise no more VPN connections are possible !
Keep this in mind , i've get troubles with it !
just a post to report my experiment of the shrew software.
When you use the shrew vpn client software , you don't have to use in the same time the alcatel vpn client with an another user for exemple. It will make the brick panic !
the only way after is to reboot the brick otherwise no more VPN connections are possible !
Keep this in mind , i've get troubles with it !
