|
Lines 15-20
|
| 15 |
<author title="Contributor"> |
15 |
<author title="Contributor"> |
| 16 |
<mail link="opfer@gentoo.org">Christian Faulhammer</mail> |
16 |
<mail link="opfer@gentoo.org">Christian Faulhammer</mail> |
| 17 |
</author> |
17 |
</author> |
|
|
18 |
<author title="Contributor"> |
| 19 |
<mail link="fischer@unix-ag.uni-kl.de">Thomas Fischer</mail> |
| 20 |
</author> |
| 18 |
|
21 |
|
| 19 |
<abstract> |
22 |
<abstract> |
| 20 |
This document details how to connect your workstation to a Cisco VPN |
23 |
This document details how to connect your workstation to a Cisco VPN |
|
Lines 25-32
|
| 25 |
<!-- See http://creativecommons.org/licenses/by-sa/2.5 --> |
28 |
<!-- See http://creativecommons.org/licenses/by-sa/2.5 --> |
| 26 |
<license/> |
29 |
<license/> |
| 27 |
|
30 |
|
| 28 |
<version>1.3</version> |
31 |
<version>1.4</version> |
| 29 |
<date>2008-01-09</date> |
32 |
<date>2008-01-14</date> |
| 30 |
|
33 |
|
| 31 |
<chapter> |
34 |
<chapter> |
| 32 |
<title>Introduction</title> |
35 |
<title>Introduction</title> |
|
Lines 755-761
|
| 755 |
</p> |
758 |
</p> |
| 756 |
|
759 |
|
| 757 |
<note> |
760 |
<note> |
| 758 |
The init scripts don't handle DNS separation. |
761 |
The init scripts don't handle DNS separation, but you can use the |
|
|
762 |
custom scripts to achieve that. See <uri link="#tipsscript">Tips and |
| 763 |
Tricks</uri>. |
| 759 |
</note> |
764 |
</note> |
| 760 |
|
765 |
|
| 761 |
</body> |
766 |
</body> |
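Review bot: The reworded note says DNS separation can be achieved with the custom scripts and links to #tipsscript, but the section added under that id only changes the routing table; neither work-preup.sh nor work-postup.sh touches DNS. Either add a DNS example to the "Custom scripts on boot" section, or reword the note so it only promises what the linked section shows (user-defined routing).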
|
Lines 765-776
|
| 765 |
<chapter> |
770 |
<chapter> |
| 766 |
<title>Tips and Tricks</title> |
771 |
<title>Tips and Tricks</title> |
| 767 |
<section> |
772 |
<section> |
|
|
773 |
<title>Graphical remote access</title> |
| 768 |
<body> |
774 |
<body> |
| 769 |
|
775 |
|
| 770 |
<p> |
776 |
<p> |
| 771 |
If you are looking for a linux application that supports RDP (Remote Desktop |
777 |
If you are looking for a Linux application that supports RDP (Remote Desktop |
| 772 |
Protocol) then give <c>grdesktop</c> a try. It's a GUI app written in Gtk that |
778 |
Protocol) then give <c>grdesktop</c> a try. It's a GUI app written in GTK+ that |
| 773 |
fits in well with a gnome desktop, but doesn't require it. If you don't want |
779 |
fits in well with a Gnome desktop, but doesn't require it. If you don't want |
| 774 |
the GUI configuration dialogs that grdesktop provides, then just install |
780 |
the GUI configuration dialogs that grdesktop provides, then just install |
| 775 |
<c>rdesktop</c>. Ultimately, grdesktop is just a frontend for rdesktop. |
781 |
<c>rdesktop</c>. Ultimately, grdesktop is just a frontend for rdesktop. |
| 776 |
</p> |
782 |
</p> |
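Review bot: Since this paragraph is being touched to fix capitalisation (Linux, GTK+), "Gnome desktop" should be "GNOME desktop", which is the project's own spelling. The later mentions of grdesktop and rdesktop in the same paragraph are also outside <c> tags while the first mentions use them; worth making consistent in the same change.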
|
Lines 806-811
|
| 806 |
|
812 |
|
| 807 |
</body> |
813 |
</body> |
| 808 |
</section> |
814 |
</section> |
|
|
815 |
<section id="tipsscript"> |
| 816 |
<title>Custom scripts on boot</title> |
| 817 |
<body> |
| 818 |
<p> |
| 819 |
The custom-made scripts for the init.d file can be used to setup a |
| 820 |
user-defined routing for the vpnc connection. The examples below show |
| 821 |
how to setup the routing table so that only connections to 123.234.x.x |
| 822 |
are routed over the VPN and all other connections use the default |
| 823 |
gateway. The example uses work-preup.sh to save the current default |
| 824 |
gateway before starting vpnc (which resets the default gateway using |
| 825 |
the VPN connection). Once vpnc has been started, work-postup.sh |
| 826 |
deletes this new default gateway, restores the old default gateway and |
| 827 |
sets the route for all connections to 123.234.x.x to use the vpnc |
| 828 |
connection. |
| 829 |
</p> |
| 830 |
<pre caption="/etc/vpnc/scripts.d/work-preup.sh"> |
| 831 |
#!/bin/sh |
| 832 |
route -n | grep -E '^0.0.0.0 ' | cut -c 17-32 >/var/tmp/defaultgw |
| 833 |
</pre> |
| 834 |
|
| 835 |
<pre caption="/etc/vpnc/scripts.d/work-postup.sh"> |
| 836 |
#!/bin/sh |
| 837 |
route del -net 0.0.0.0 netmask 0.0.0.0 dev tun1 |
| 838 |
route add default gw $(cat /var/tmp/defaultgw) |
| 839 |
route add -net 123.234.0.0 netmask 255.255.0.0 dev tun1 |
| 840 |
</pre> |
| 841 |
|
| 842 |
<p> |
| 843 |
The example scripts assume that the vpnc connection uses tun1 as tun device. |
| 844 |
You can set the device name in the connection's configuration file. |
| 845 |
</p> |
| 846 |
<pre caption="/etc/vpnc/work.conf"> |
| 847 |
Interface name tun1 |
| 848 |
IPSec gateway vpn.mywork.com |
| 849 |
Pidfile /var/run/vpnc.work.pid |
| 850 |
</pre> |
| 851 |
</body> |
| 852 |
</section> |
| 809 |
</chapter> |
853 |
</chapter> |
| 810 |
|
854 |
|
| 811 |
<chapter> |
855 |
<chapter> |
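Review bot: work-preup.sh saves the gateway to /var/tmp/defaultgw, a fixed file name in a world-writable directory, and these scripts are run from the init script, so as root. If a local user has pre-created that path (as a symlink or as a file they own), the redirect either writes through to another file or leaves the contents under that user's control, and work-postup.sh then feeds them unquoted into "route add default gw $(cat /var/tmp/defaultgw)". Please keep the state file in a root-only location, for example under /var/run where the sample work.conf already puts the Pidfile, and have the postup script check that the saved value is non-empty before deleting the VPN default route, otherwise a failed preup leaves the host with no default gateway. Smaller points: "grep -E '^0.0.0.0 '" with "cut -c 17-32" depends on the exact column layout of "route -n" and returns several lines when more than one default route exists; tun1 is hard-coded in the script and has to be kept in sync with "Interface name tun1" by hand; there is no matching script that removes the saved file when the connection goes down; and in the prose "setup" used as a verb should be "set up".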