Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rank-math domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u763016847/domains/golinuxhub.com/public_html/wp-includes/functions.php on line 6114
Configure a VPN tunnel between Linux and Windows XP - GoLinuxHub

Configure a VPN tunnel between Linux and Windows XP

by

In this post I would be showin you the steps needed to create a tunnel between Linux and Windows XP for safe data transmission with proper data encapsulation. We will be using Openswan on the Linux server and IPsec on the Windows XP to do so.


Linux side configuration

Make sure you have openswan package installed on your machine. I will be using Redhat 6.2 so the commands I am using might vary as per other distros.

Install the required package using yum

# yum -y install openswan

# vi /etc/ipsec.conf

 version 2.0     # conforms to second version of ipsec.conf specification

# basic configuration
 config setup
        # Debug-logging controls:  "none" for (almost) none, "all" for lots.
        # klipsdebug=none
        # plutodebug="control parsing"
        # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
        protostack=netkey
        nat_traversal=yes
        virtual_private=
        oe=off
        # Enable this if you see "failed to find any available worker"
        # nhelpers=0
        interfaces=%defaultroute

        klipsdebug=none
        plutodebug=none
        overridemtu=1410

conn %default
        keyingtries=1

conn sample
        right=%any
        left=%defaultroute
        authby=secret
        auto=add
        keylife=24h
        rekey=no
        keyingtries=0
        pfs=no

conn packetdefault
        auto=ignore

conn private-or-clear
        auto=ignore
Now you need to define the preshared key which will be used for authentication

# vi /etc/ipsec.secrets
: PSK "secretkey"
# service ipsec start

Windows XP side configuration

Open the "run" prompt and launch "mmc console"
Now go to File and click on "Add/Remove Snap-in"

Now add "IP Security Policies on Local Computer"

Create a new IP security policy

Mention the preshared key as provided in ip.secrets on the linux server

Then you can click on Next and Finish the wizard.

Now edit the properties of this policy. Click on "Filter Action" on the tab menu and add a new custom action

Then you can finish the wizard and select this filter action for the IPsec policy.

Now edit the Filter properties. (Here 192.168.0.138 is my Linux server IP)

Similarly create another IP Filter rule with the name "Linux to WinXP" and add the custom Filter action to this filter rule. The only thing you need to change is the filter properties.

Thats all, Now you can save and close the wizard. Right click the IP security rule you created and click on "Assign".

Now try to ping your server IP on the cmd prompt