| 88.1. Shrew Soft IPsec VPN client | ||
|---|---|---|
 | Chapter 88. IPsec clients |  |
| 88.1. Shrew Soft IPsec VPN client | ||
|---|---|---|
| | Chapter 88. IPsec clients | |
Go to https://www.shrew.net/ and download Shrew Soft IPsec VPN client (release 2.2.2) from DOWNLOAD > VPN Client For Windows section.
Double-click the downloaded file and install the program following the instructions (Standard Edition).
This table show the parameters of Shrew Soft and their corresponding parameters in Abilis configuration. The information must be inserted in a “mirror” way: i.e. “LOCAL” information for Abilis are “REMOTE” for IPsec client and vice versa.
Table 88.1. Checklist of parameters
| The Shrew Soft parameter | Abilis IKE Table | Abilis IKE Table parameter |
|---|---|---|
| Remote Host | HOST | LOC-IP |
| Authetication metod | HOST | AUTH |
| Pre Shared Key | PSK | KEY |
| Cipher Algorithm | HOST | CIPHER |
| Hash Algorithm | HOST | HASH |
| DH Excange | HOST | DH |
| Auto Configuration | HOST | MODE-CFG |
| Remote Identification Type | HOST | ID-TYPE |
| Remote Address String | HOST | IP or FQDN |
| Local Identification Type | HOST | PEER-ID-TYPE |
| Local Address String | HOST | PEER-IP or
PEER-FQDN |
| Local Host | CLI | NET-REM |
| Transform Algorithm | CLI | ESP-CIPHER |
| HMAC Algorithm | CLI | ESP-AUTH |
| PFS Excange | CLI | PFS |
| Remote Network Resource | CLI | NET-LOC |
Suppose that Abilis is configured in the following way. Refer to Section 80.19.1, “How to configure a RAS using IPSEC VPN server” for the configuration of IPsec and IKE resources.
[22:54:53] ABILIS_CPX:d ike host:0Parameter: | Value: ------------+------------------------------------------------------------------ HOST: 0 NAME: user_1 LOC-IP: 080.080.080.080 REM-IP: * IPRES: 4 AUTH: PSK HASH: MD5 DH: MODP1024 CIPHER: 3DES SIDE: INSIDE XAUTH: NO XAUTH-USER: XAUTH-PWD: MODE-CFG: NO KEYING-TRIES: 3 LIFE-TIME: 3600 DPD-ENABLE: YES DPD-DELAY: 30 DPD-TIMEOUT: 120 DPD-ACTION: RESTART ID-TYPE: IP IP: 080.080.080.080 PEER-ID-TYPE: IP PEER-IP: 192.168.200.001 ------------------------------------------------------------------------------- [22:54:53] ABILIS_CPX:d ike psk:0Parameter: | Value: ------------+------------------------------------------------------------------ PSK: 0 KEY: ******** ID-TYPE: ANONYMOUS ------------------------------------------------------------------------------- [22:54:53] ABILIS_CPX:d ike cli:0Parameter: | Value: ------------+------------------------------------------------------------------ CLI: 0 NAME: user_1 HOST-ID: 0 RULE: IPSEC PASSIVE: YES PERMANENT: YES TUNNEL: YES ESP: YES ESP-CIPHER: 3DES ESP-AUTH: MD5 AH: NO AH-AUTH: MD5 LIFE-TIME: 28800 PFS: YES NET-LOC: 192.168.001.000/24 NET-REM: 192.168.200.001/32 MODE-CFG-DNS: SYS -------------------------------------------------------------------------------
Execute Shrew Soft program (VPN Access Manager): the following window will appear.
Click the Add button to create a new VPN connection. Configure General tab as shown here below.
Click the Name Resolution tab and configure the DNS as shown here below.
Click the WINS subtab and disable WINS.
Click the Authentication tab and configure as shown here below.
Click the Remote Identity subtab and configure as shown here below.
Click the Credentials subtab and configure as shown here below.
Click the Phase 1 tab and configure as shown here below.
Click the Phase 2 tab and configure as shown here below.
Click the Policy tab and click the Add button.
Insert the Remote Network and click Ok.
The Shrew Soft VPN IPsec client is now configured. Click the Save button to save the configuration.
Select the VPN connection recently configured and click the Connect button.
The following window will appear. Click the Connect button to open the VPN connection.
If will appear the message "tunnel enabled", then VPN connection is active
Click the Disconect button to close the VPN connection. Click Exit button to close the window.
| |  | |
| Chapter 88. IPsec clients |  | 88.2. TheGreenBow IPsec VPN client |
![[Tip]](../images/tip.png)