ndpgroup / vpnc

client for ipsec (cisco/juniper) vpn concentrator
GNU General Public License v2.0

split tunnelling #1

Closed m0ps closed 11 years ago

m0ps commented 11 years ago

I successfully set up Dynamic VPN (http://www.fir3net.com/Juniper-SRX-Series-Gateway/juniper-srx-dynamic-vpn.html) and can connect from Linux (Ubuntu 12.04) with your vpnc version. All works fine, but I have some trouble with routes. When vpnc connects, a default route to tun0 is installed in the Linux box's routing table. That's why I don't have access to the internet (I need to delete the default route manually and install a new default route and routes to the protected networks). Is there any way to configure (the SRX or the vpnc client) to not touch the default route and only install routes to the remote protected locations automatically?

jflemer-ndp commented 11 years ago

I think you want to look at the Target networks config option. Unfortunately it's not really "automatic", you'll have to manually enter the networks you want routed over the vpn into your vpnc config file. For example, if your protected networks are 10.0.1.0/24 and 10.0.8.0/24 use:

Target networks 10.0.1.0/24 10.0.8.0/24

m0ps commented 11 years ago

Thanks for your reply, James. As for Target networks, I tried to add it, but vpnc does not recognize it.

jflemer commented 11 years ago

Ah yes, I am using my Juniper patch set on top of the debian patch set. The debian patch set is what adds the Target networks support. What OS are you using?

m0ps commented 11 years ago

I use Ubuntu 12.04 (x32 and x86_64). Do you have prebuilt deb packages for it?

jflemer commented 11 years ago

Yes, I have packages. I will see about putting them online somewhere tomorrow.

If you want to build yourself, just copy the debian subdir from the "stock" vpnc package into the git checkout of this project (if the project is in /tmp/vpnc, the subdir would be /tmp/vpnc/debian). Then build as normal (cd /tmp/vpnc; apt-get build-dep vpnc; dpkg-buildpackage -uc -b -rfakeroot). You can get the stock package source via apt-get source vpnc.

m0ps commented 11 years ago

I tried this first of all, but at the end of the build I get this:

dpkg-source: info: unapplying fetch-split-dns-prop.patch
dpkg-source: info: unapplying fix_makefile_VERSION.patch
dpkg-source: info: unapplying fix_make_test.patch
dpkg-source: info: unapplying 04_debianitis.patch
dpkg-source: info: unapplying 03_vpnc.8.patch

jflemer-ndp commented 11 years ago

https://github.com/ndpgroup/vpnc/releases/tag/0.5.3r512-2ubuntu1jnpr1

m0ps commented 11 years ago

Thanks a lot. It works like a charm.
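
A way to check the outcome discussed in this thread, as an added example that is not part of the thread or of the vpnc project: it audits `ip -4 route show` style output to tell whether the default route was captured by the tunnel and whether each configured Target network has its own tunnel route. The function names and both sample routing tables are constructed for illustration; `tun0` and the two networks are the ones named in the thread.

```python
import ipaddress

# Constructed `ip -4 route show` output: full tunnel (the state first reported).
FULL_TUNNEL = """\
default dev tun0 scope link
10.0.1.0/24 dev tun0 scope link
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.50
"""

# Constructed output: split tunnel with the two example Target networks.
SPLIT_TUNNEL = """\
default via 192.168.1.1 dev eth0 proto static
10.0.1.0/24 dev tun0 scope link
10.0.8.0/24 dev tun0 scope link
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.50
"""

def parse_routes(text):
    """Return (network, device) pairs from `ip -4 route show` style lines."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or "dev" not in fields[:-1]:
            continue  # no usable "dev <name>" pair on this line
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # route types whose first field is not a prefix
        routes.append((net, fields[fields.index("dev") + 1]))
    return routes

def audit_split_tunnel(route_text, target_networks, tun_dev="tun0"):
    """Report whether the tunnel holds the default route and which target
    networks are not covered by a specific (non-default) tunnel route."""
    routes = parse_routes(route_text)
    default_via_tunnel = any(
        net.prefixlen == 0 and dev == tun_dev for net, dev in routes)
    tunnel_nets = [n for n, dev in routes if dev == tun_dev and n.prefixlen > 0]
    missing = [t for t in target_networks
               if not any(ipaddress.ip_network(t).subnet_of(n) for n in tunnel_nets)]
    return {"default_via_tunnel": default_via_tunnel, "missing": missing}

if __name__ == "__main__":
    targets = ["10.0.1.0/24", "10.0.8.0/24"]
    print(audit_split_tunnel(FULL_TUNNEL, targets))
    print(audit_split_tunnel(SPLIT_TUNNEL, targets))
```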