Shrew soft vpn client android

How to configure Shrew Soft VPN Client with a TP-Link VPN Router using the new GUI?

With Client to LAN VPN function, the VPN Router will be a VPN server and we can use our PCs to establish the VPN tunnel with it. Then we can access the private network of the VPN Router securely via the internet. But we need to use some VPN client software like Shrew.

Take the following topology as an example, we will learn how to configure the VPN server and VPN client.

Step1 Verify the settings needed for IPsec VPN on router

Check the VPN Router.

Choose the menu Status > System Status and Network > LAN.

Step 2 Set up the IPsec VPN Server

(1) Choose the menu VPN > IPSec > IPSec Policy and click Add to load the following page on the VPN router. Configure the basic parameters for the IPsec policy.

· Specify the mode as Client-to-LAN.

· Specify the Remote Host as 10.10.10.20. You also can enter 0.0.0.0 to allow any IP address.

· Specify WAN as WAN1 and local subnet as 192.168.0.0/24.

· Specify the Pre-shared Key as you like. Here we enter 123456.

(2) Click Advanced Settings to load the following page. In the Phase-1 Settings section, configure the IKE phase-1 parameters.

· Select md5-3des-dh2 as the proposal.

· Specify Exchange Mode as Aggressive Mode.

· Specify Negotiation Mode as Responder Mode.

· Specify Local/Remote ID Type as NAME.

Once the VPN server or client is behind a NAT device, we have to select Aggressive Mode as Exchange Mode and select NAME as Local/Remote ID Type, otherwise, the VPN tunnel can’t be established.

· Specify the local/remote ID as you like. Here we specify the local ID as 123 and remote ID as 321.

(3) In the Phase-2 Settings section, configure the IKE phase-2 parameters. Click OK.

· Specify Encapsulation Mode as Tunnel Mode.

· Select esp-md5-3des as the proposal.

Once the VPN server or client is behind a NAT device, the proposal cannot be specified as ah-md5 or as –sha1, otherwise, the VPN tunnel can’t be established.

Step 3 Set up the IPsec VPN Client

(1) Click on Add. Choose the menu General. Specify Host Name or IP Address as 10.10.10.10. Select disabled as Auto Configuration. Select Use an existing adapter and current address as Adapter Mode.

(2) Choose the menu Name Resolution, don’t tick the Enable DNS and the Enable WINS.

(3) Choose the menu Authentication. Select Mutual PSK as Authentication Method. Select Fully Qualified Domain Name as Identification Type. Specify 321 as FQDN String in Local Identify section and specify 123 as FQDN String in Remote Identify section.

(4) Choose the menu Authentication > Credentials. Specify Pre Shared Key as 123456.

(5) Choose the menu Phase 1, under the Proposal Parameters, the Exchange Type, DH Exchange, Cipher Algorithm, and Hash Algorithm are the same with VPN Router’s, we use aggressive, group 2, 3des, md5 here.

(6) Choose the menu Phase 2, under the Proposal Parameters, the Transform Algorithm, HMAC Algorithm are the same with VPN Router’s, we use esp-3des, md5 here. PFS Exchange and Compress Algorithm are disabled.

(7) Choose the menu Policy, don’t tick Obtain Topology Automatically or Tunnel All. Then click on Add. Select Include as Type, enter the VPN Router’s LAN Subnet Address and Subnet Mask, it’s 192.168.0.0, 255.255.255.0. Then click on OK and Save.

(8) Click on Connect.

Step 4 Verify the connectivity of the IPsec VPN Tunnel.

Choose the menu VPN > IPsec > IPsec SA to load the following page. If the IPsec VPN tunnel is established successfully, it will be shown in the list.

Источник

Shrew бесплатная альтернатива Cisco VPN Client

Столкнулся с проблемой установки Cisco VPN Client на Windows 7 да еще к тому же x64,
если на Windows 7 x86 с шаманским бубном можно запустить, то на x64 все попытки будут тщетны(Cisco почти принципиально не хочет делать x64 Vpn Client).

Отправляюсь в поисковики… и видим следующие выходы из ситуации:

1. Установка AnyConnect VPN Client, который работает на x64 но в нем нет IPSec (не подходит).
2. Создать виртуальную машину Windows x86 и установить Cisco VPN Client.
3. Установить один из кучи альтернативных платных клиентов (к слову не один из них не заработал)
4. Установка Windows x86 (и возможность получить BSOD на Win7 после установки Cisco Client) 🙂

Все вышеперечисленные методы мягко говоря непрактичные 🙂

5. Установка бесплатного OpenSource клиента Shrew (к слову он не только для Windows, но и для nix систем)

Приведу пример как настроить туннелирование с групповой авторизацией («Group Authentication»):

1) Создадим новый профиль соединения (кнопка Add)
и во вкладке General в поле «Host Name or IP address» укажем адрес шлюза IPSec и порт

2) Перейдем к вкладке «Client»
выберем force-rfc в пункте NAT traversal (всё остальное оставляем по умолчанию)

3) Перейдем к вкладке «Name Resolution» (тут все можно оставить по умолчанию, в большенстве случаев при грамотной настройке Cisco VPN Server сам вернет необходимые адреса)

4)Перейдем к вкладке «Authentication»
Установим «Authentication method» в Mutual PSK+Xauth (используеться если метод аутентификации по IPSec Group ID или по разделенному ключу )

4.1) Перейдем в подпункт «Local Identity», установим «Identification Type» = «Key Identifier»
и впишем IPSec group ID в поле «Key ID String»

4.2)Перейдем в подпункт «Remote Identity» установим «Identification Type» = «Any»

4.3)Перейдем в подпункт «Credentials» и впишем наш групповой пароль (IPSec Group Password) в поле
«Pre Shared Key»

5) Вкладки: Phase 1, Phase 2 и Policy не нуждаються в настройках, оставим всё по умолчанию

6) Сохраняем настройки соединения.

7) Нажимаем кнопку Connect
вводим свои учетные данные

Если всё хорошо в логе увидим заветную фразу «tunnel enabled»

Надеюсь моё описание пригодиться в облегчении создания туннелей на Windows x64.

Источник

Shrew soft vpn client android

This software uses the OpenSSL Toolkit ( http://www.openssl.org ) to provide strong cryptography. For this reason, please read the following legal notices.

BY DOWNLOADING THE SHREW SOFT VPN CLIENT, YOU ARE OBTAINING SOFTWARE THAT IMPLEMENTS STRONG CRYPTOGRAPHIC FUNCTIONALITY WHICH MAY BE CONTROLLED AND/OR REGULATED BY LAWS IN YOUR COUNTRY. YOU HEREBY CLAIM TO UNDERSTAND YOUR LEGAL OBLIGATION IN THIS REGARD AND ASSUME RESPONSIBILITY FOR THE VIOLATION OF ANY LAWS THAT GOVERN THE IMPORT/EXPORT AND/OR USE OF THE SOFTWARE IN YOUR COUNTRY.

The second disclaimer is text which is present on the OpenSSL download page.

OpenSSL Disclaimer

This software package uses strong cryptography, so even if it is created, maintained and distributed from liberal countries in Europe (where it is legal to do this), it falls under certain export/import and/or use restrictions in some other parts of the world.

PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS OF OPENSSL ARE NOT LIABLE FOR ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.

Software Information

System Requirements

This software package should install on any reasonable machine running a 32 or 64 bit version of Windows 2000, XP, Vista or Windows 7/8. Testing has only been performed on machines running with the latest service packs installed. For this reason, you are encouraged to keep your operating system up to date when using this software. An account with administrative privileges will be required to run the install application but not for normal operation.

Kernel Driver Signatures

The first stable release of the client to include signed kernel drivers for Microsoft Windows platforms is version 2.1.6. All previous versions include unsigned drivers.

Documentation and Support

Full documentation is now available online. Please visit our support page for a list of support options.

Release Information

Stable Releases

Stable releases are feature complete, presumed to be mostly bug-free and useful to the general public.

Beta Releases

Beta releases are feature complete but not presumed to be bug-free. The intended audience would be users that are interested in testing the software for bugs and regressions.

Alpha Releases

Alpha releases are not feature complete or presumed to be bug-free. The intended audience would be users that are interested in an advanced preview of the features that may be included in future Beta releases.

Future Release Plans

A future release plan and progress checklist can be found here

Product Versions

Product Editions

The Shrew Soft VPN Client for Windows is available in two different editions, Standard and Professional. The Standard version provides a robust feature set that allows the user to connect to a wide range of open source and commercial gateways. It contains no trial period limits, nag screens or unrelated software bundles. It is simply free for both personal and commercial use. The Professional edition offers additional features that may be helpful for users connecting to a corporate LAN. It is installed by default with a 14 day evaluation period limit. To use the Professional edition after the evaluation period has expired, a client license may be purchased from the Shrew Soft Shop.

Selecting an Edition

Shrew Soft offers a unified installer for both Standard and Professional editions. To install the professional edition, you must download the VPN Client Installer, version 2.2.1 or later. During the install process, you will be prompted to select the edition to install.

Источник

Main Page

Contents

A list of answers for Frequently Asked Questions is available at the following page.

Documentation

Online documentation is available for most of our products. If you have a question related to installation, configuration or a specific feature, please read through the documentation.

NOTE : A configuration guide for using the client with ipsec-tools is included with VPN Client Documentation versions 2.0.0 and later.

Configuration Guides

Most information required to install and configure our software is included in the product documentation. The following pages focus on specific configuration topics.

VPN Client and Open Source Gateway Howtos

VPN Client and Commercial Gateway Howtos

Mailing Lists

If you have a problem or a question regarding one of our products, please try searching the mailing list archives for a solution. We prefer to operate in a public forum as much as possible so that our clients have an opportunity to learn from each others experiences. If you have trouble locating a solution, please post a detailed message describing the problem. The mailing lists are monitored and help will be provided promptly.

Bug Reports

Before we can diagnose a problem with one of our products, its important that we receive an accurate bug report. The following guides describe how to gather all the data required by Shrew Soft to analyze and correct your issue.

Источник

Shrew soft vpn client android

Shrew Soft VPN Client

Shrew Soft offers a VPN that while mainstream in its privilege, got significant support when individuals began embracing Windows 7 64-bit by the thousand and found that Cisco wasn’t in any rush to discharge a 64-bit customer to oblige them.

Although it is a very lightweight application, it gives you a great number of elements and usefulness potential outcomes. With Shrew Soft VPN Client you advantaged from firewall transversal alternatives, verification strategies, ID sorts, trade modes, essential and propelled setup business characteristics, phase1 figures, and calculations, and also stage 2 changes and HMAC calculations.

While making another connection, you are to arrange it is utilizing data about the hostname, customer, verification, stage, and strategy. To the extent recognizable proof sorts go, Shrew Soft VPN Client empowers you to utilize an entirely qualified area name, the client completely qualified space name, IP address, and a key identifier. The trade modes that you can use are fundamental, forceful, setup, brisk and casual.

The utility empowers you to associate with both open source and business entryways and gives you an auto-reconnect highlight. For the individuals who are searching for a protected intends to exchange individual, vital documents crosswise over VPN administrations, Shrew Soft VPN Client is an instrument to be taken into genuine thought.

Источник