:: Setting up VPN using VPN Daemon (vpnd) ::

TO SET UP A VPN USING VPN Daemon (vpnd)
  1. I don't know if this is a defunct project. However, one can download the tarball from the vpnd site. Installation is very easy and can be done within minutes.
  2. I am assuming that we are using the following setup, with mia as the client and zidler as the server.

  3. I have placed all the vpnd related files in /etc/vpnd/. The defaults for many options are different. Hence, when in doubt, always run vpnd -h. No man page is available.
  4. If you use the simple secret key method (basic-master-key-file) to achieve link encryption, then generate the basic-master-key-file using the command (at either the client or server):
    [shashank@mia vpnd]# vpnd -m /etc/vpnd/vpnd.key
    New key file /etc/vpnd/vpnd.key created.
    
    Transfer this file to the peer and place it in /etc/vpnd/.
  5. If you use the extended-master-key-file to achieve link encryption, then generate the extended-master-key-file using the command (at either the client or server):
    shashank@mia:/etc/vpnd# vpnd -x /etc/vpnd
    New key file /etc/vpnd/vpnd.lcl.key created.
    New key file /etc/vpnd/vpnd.rmt.key created.
    
    Keep the file vpnd.lcl.key at the local terminal and send the file vpnd.rmt.key to the peer.
  6. Place the following configuration files at the server and the client. To get an idea of what each available option does, read the original configuration file that came with the distribution.
    
    shashank@zidler:/etc/vpnd# cat vpnd.conf
    mode server
    client 0.0.0.0 22222
    server 131.193.50.184 22222
    keyfile /etc/vpnd/vpnd.key              #or keyfile /etc/vpnd/vpnd.lcl.key if using extended-master-key-file
    local 192.168.254.201
    remote 192.168.254.200
    route1 192.168.0.0 255.255.255.0 192.168.254.200
    
    -------------------------------------------------
    
    [shashank@mia vpnd]# cat vpnd.conf
    mode client
    client 131.193.50.165 22222
    server 131.193.50.184 22222
    keyfile /etc/vpnd/vpnd.key              #or keyfile /etc/vpnd/vpnd.lcl.key if using extended-master-key-file
    local 192.168.254.200
    remote 192.168.254.201
    route1 192.168.2.0 255.255.255.0 192.168.254.201
    
    
  7. Start the vpnd process at the server/client using the following command. The -n option is used to keep the process in the foreground.
    shashank@zidler:/home/shashank# vpnd -f /etc/vpnd/vpnd.conf -n
    vpnd[7751]: version 1.1.0 (compression enabled) starting.
    vpnd[7751]: slip link established.
    vpnd[7751]: listening with address 131.193.50.184 on port 22222
    vpnd[7751]: connect from 131.193.50.165
    ----------------------------------------------------------------
    [shashank@mia vpnd]# vpnd -f /etc/vpnd/vpnd.conf -n
    vpnd[25646]: version 1.1.0 (compression enabled) starting.
    vpnd[25646]: slip link established.
    vpnd[25646]: connected to 131.193.50.184
    
    
  8. Check whether the slip interface has started using ifconfig:
    papers@mia:> ifconfig
    --SNIP--
    sl0       Link encap:VJ Serial Line IP  
              inet addr:192.168.254.200  P-t-P:192.168.254.201  Mask:255.255.255.255
              UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
                 compressed:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 compressed:0 txqueuelen:10 
              RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
    
  9. Also check that the routes have been established properly using the netstat -rn command and ping.
  10. The interface can be disabled by killing the vpnd process.
  11. Now comes the experimentation.
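
A pre-flight check for the two vpnd.conf files and the key file from steps 4 to 6, as an added example that is not part of the original page or of vpnd. It uses only the configuration keywords shown above; the file names zidler.conf and mia.conf, the mode-600 expectation for the key file, and the rule that the route1 gateway equals the peer's tunnel address (read off the two sample configs) are assumptions of this example.

```shell
# Added example, not part of vpnd: pre-flight checks for a vpnd.conf pair.
# conf_get FILE KEY [FIELD]: FIELD (default 2) of the first KEY line, "#..." stripped.
conf_get() {
    awk -v k="$2" -v f="${3:-2}" '{ sub(/#.*/, "") } $1 == k { print $f; exit }' "$1"
}

# same LABEL A B: succeed only when A is non-empty and equals B.
same() {
    [ -n "$2" ] && [ "$2" = "$3" ] && return 0
    echo "MISMATCH $1: '$2' vs '$3'"; return 1
}

# check_pair SERVER_CONF CLIENT_CONF: same server address/port, mirrored tunnel addresses.
check_pair() {
    s=$1 c=$2 rc=0
    same "server mode" "$(conf_get "$s" mode)" server || rc=1
    same "client mode" "$(conf_get "$c" mode)" client || rc=1
    same "server addr" "$(conf_get "$s" server)" "$(conf_get "$c" server)" || rc=1
    same "server port" "$(conf_get "$s" server 3)" "$(conf_get "$c" server 3)" || rc=1
    same "tunnel addr A" "$(conf_get "$s" local)" "$(conf_get "$c" remote)" || rc=1
    same "tunnel addr B" "$(conf_get "$s" remote)" "$(conf_get "$c" local)" || rc=1
    for f in "$s" "$c"; do  # assumption from the sample configs: route1 gateway = peer tunnel address
        same "$f route1 gateway" "$(conf_get "$f" route1 4)" "$(conf_get "$f" remote)" || rc=1
    done
    return $rc
}

# check_keyfile CONF: the "keyfile" target exists and has no group/other access.
check_keyfile() {
    k=$(conf_get "$1" keyfile)
    [ -f "$k" ] || { echo "MISSING keyfile: $k"; return 1; }
    case $(ls -ld "$k") in
        -???------*) return 0 ;;
        *) echo "UNSAFE mode on $k, expected 600"; return 1 ;;
    esac
}

demo() {  # the page's two configs plus a constructed, empty stand-in key file, in a temp dir
    d=$(mktemp -d); : > "$d/key"; chmod 600 "$d/key"
    printf '%s\n' 'mode server' 'client 0.0.0.0 22222' 'server 131.193.50.184 22222' \
        "keyfile $d/key" 'local 192.168.254.201' 'remote 192.168.254.200' \
        'route1 192.168.0.0 255.255.255.0 192.168.254.200' > "$d/zidler.conf"
    printf '%s\n' 'mode client' 'client 131.193.50.165 22222' 'server 131.193.50.184 22222' \
        "keyfile $d/key" 'local 192.168.254.200' 'remote 192.168.254.201' \
        'route1 192.168.2.0 255.255.255.0 192.168.254.201' > "$d/mia.conf"
    check_pair "$d/zidler.conf" "$d/mia.conf" && check_keyfile "$d/mia.conf" && echo "vpnd.conf pair OK"
    rc=$?; rm -rf "$d"; return $rc
}
demo
```

Because the key file is the only secret protecting the link, run check_keyfile on each host against its own vpnd.conf after the key has been copied into place.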

Comments and corrections are appreciated and can be sent to papers@mia.ece.uic.edu.