Racoon Roadwarrior Configuration - Page 5
On this page
Windows XP client – ShrewSoft VPN Client
ShrewSoft VPN Client is a free software. It was made to ensure interoperability between IPsec-tools (racoon) and Microsoft Windows. The focus of this chapter is not exploring all its possibilities, but setting it up as a client in roadwarrior scenario. After it's installed and ran, a window as shown in picture opens. The new connection can be added here.
On the first tab of the configuration window are network preferences. IP address of VPN gateway should be inserted, as well as other options shown in picture.
On the second tab of the configuration window are options to manually set internal IP address of the client. This should be set to be obtained automatically, as shown in picture.
First authentication tab configures the clients identity as shown on picture, and the authentication method is set to Hybrid RSA + XAuth.
The second authentication tab configures the gateway identity in a same way as clients identity above. The third authentication tab configures path of the used root certificate, as shown in picture.
The fourth tab configures IKE first phase options. These should be set as shown in picture to correspond to the options set on racoon roadwarrior client.
The fifth tab defines IKE second phase options. These should be set as shown in picture, to also correspond to the options set on racoon roadwarrior client.
Finally, the last tab defines the needed SPs. The simplest is to add the needed local network 192.168.112.0 with 255.255.255.0 net mask, as shown on picture.
After configuration, the connection is established by clicking the Connect button after inserting necessary user name and password. The connection is then established, as it can be seen by traffic recording explained in the previous chapter. It should be mentioned that this doesn't apply to all the traffic because the needed routes are not set up in the Windows environment. For that purpose, the Windows console tools (ipconfig and route) are available.