IPSec VPN - Testing ?
Posted: Sun Jul 28, 2013 7:03 am
I have, as far as I can tell, done everything I should to make my HDA accessible from outside my home, BUT as I am not strong on networking I have some additional questions I hope someone will help me with. So far I have made the following assumptions and done the following activities to set myself up.
Assumptions:
a) Although I made my HDA home network a dot net (.net) I still use 'Nickname'.'hda-hostname'.COM as the entry for the IPsec Server Address. I shouldn't have to use .net?
b) Having port forwarded 500 and 4500 on my DG3500 router I don't have to play with the router's VPN settings which are not configured (Deliberately to keep things simple).
As an aside that setup expects a minimum 8 Character security setup and the code provided has a shorter length
c) The use of my Galaxy S3 Phone (with WIFI off so I am not on my home network) to attempt connection should work, as in theory I will be coming at the HDA from GPRS, i.e. a network that belongs to my phone service provider with different IPs
What's been done :
1) Port forwarding as 2 separate rules for Ports 500 and 4500 - both UDP
2) Purchase and install of IPsec VPN and check that server is running in the HDA
3) Configured the phone as per 'Android' instructions and checked my phone's OS which is 4.1.2 - higher than the minimum required.
4) Checked inside the .conf file of the HDA (racoon.conf) that the settings agree with the wiki instructions regarding the NAME and the KEY 'text' required in psk.txt matches.
Question(s)
q1) The connection attempts take 10 to 15 seconds before failure, so does this mean it's close but no cigar?? Or is that no use whatsoever?
q2) Is there any way I can monitor or see a log of any sort to help in connection diagnosis?
q3) Before I changed from Fedora 14 to Ubuntu (this week) you could use your self test facility for 'open VPN', which for me was invaluable to verify your setup before leaving home. Is there any such similar tool I can self implement, or, to be really annoying as I know you're swamped!! Do you have any plans in that direction for IPsec VPN? If that's a stupid question because it's not feasible - sorry in advance.