[gentoo-doc-cvs] cvs commit: vpnc-howto.xml

["swift" <swift@lark.gentoo.org>]

swift       05/08/07 20:09:53

  Added:       xml/htdocs/doc/en/draft vpnc-howto.xml
  Log:
  Adding draft vpnc howto from #97760

Revision  Changes    Path
1.1                  xml/htdocs/doc/en/draft/vpnc-howto.xml

file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/draft/vpnc-howto.xml?rev=1.1&content-type=text/x-cvsweb-markup&cvsroot=gentoo
plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/draft/vpnc-howto.xml?rev=1.1&content-type=text/plain&cvsroot=gentoo

Index: vpnc-howto.xml
===================================================================
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">

<guide link="/doc/en/draft/vpnc-howto.xml">

<title>Gentoo vpnc HOWTO</title>

<author title="Author">
  David H. Askew
</author>

<!-- 
My email address is dhaskew on earthlink.net
-->

<abstract>
This document details how to connect your workstation to a Cisco VPN
concentrator utilizing vpnc to manage the connection.
</abstract>


<!-- The content of this document is licensed under the CC-BY-SA license -->
<!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
<license/>

<version>0.9</version>
<date>2005-08-01</date>

<chapter>
<title>Introduction</title>
<section>
<body>

<p>
If you're reading this, then you likely need to connect to your office network
from home or during travel.  Many companies utilize Cisco 3000 VPN concentrators
for their VPN needs, and I am willing to bet that most Linux newbies think that
they are forced to use Windows to connect to them.  Well this document informs
you that connecting to a Cisco VPN is very well be possible and will hopefully
enable to you to setup a working tunnel using your Gentoo workstation or laptop.
</p>

</body>
</section>
<section>
<title>What this document is</title>
<body>

<ul>
  <li>A guide to the basic workings of vpnc</li>
  <li>A discussion of DNS and routing issues that relate to VPNs</li>
  <li>Examples of managing VPN sessions</li>
  <li>Useful tips and tricks (hopefully)</li>
</ul>

</body>
</section>
<section>
<title>What this document is not</title>
<body>

<ul>
  <li>An in-depth guide to VPN / encryption technologies</li>
  <li>A feature by feature explanation of vpnc</li>
</ul>

</body>
</section>
<section>
<title>Assumptions</title>
<body>

<p>
The assumptions made at this point are:
</p>

<ul>
  <li>You have Gentoo installed</li>
  <li>You have Internet access</li>
  <li>You want to connect to a Cisco 3000 VPN concentrator</li>
  <li>You know how to configure, build and install a new kernel</li>
</ul>

</body>
</section>
</chapter>

<chapter>
<title>Kernel Configuration</title>
<section>
<body>

<p>
In order for Linux to be able to open a VPN connection <e>Universal TUN/TAP
device driver support</e> must be enabled in the kernel.  What is it and why do
you need it?  Below is a relatively straight forward explanation from the kernel
configuration dialog:
</p>

<pre caption="CONFIG_TUN:">
TUN/TAP provides packet reception and transmission for user space
programs.  It can be viewed as a simple Point-to-Point or Ethernet
device, which instead of receiving packets from a physical media,
receives them from user space program and instead of sending packets
via physical media writes them to the user space program.

When a program opens /dev/net/tun, driver creates and registers
corresponding net device tunX or tapX.  After a program closed above
devices, driver will automatically delete tunXX or tapXX device and
all routes corresponding to it.
</pre>

<p>
You can verify if your kernel has TUN/TAP support with the following command:
</p>

<pre caption="Checking the kernel config">
# <i>cat /usr/src/linux/.config | grep TUN</i>
CONFIG_INET_TUNNEL=m
# CONFIG_INET6_TUNNEL is not set
# CONFIG_IPV6_TUNNEL is not set
CONFIG_TUN=m
# CONFIG_8139TOO_TUNE_TWISTER is not set
</pre>

<p>
As you can see above, <c>CONFIG_TUN=m</c> is compiled as a module.  If it is
disabled in your setup, enable it in your kernel of choice, rebuild,
install, reboot and return to this document before continuing with the next
steps.
</p>

<pre caption="Configuration location in the kernel configuration dialog">
Device Drivers  ---&gt;
  Networking support  ---&gt;
    [*] Universal TUN/TAP device driver support
</pre>

<p>
If you already have TUN/TAP support built in your kernel, or you just booted
your computer after a fresh kernel build, then you need to verify that the
kernel has the appropriate code initialized.
</p>

<p>
If you built TUN/TAP support directly into the kernel, you should see
information from <c>dmesg</c> output like the following:
</p>

<pre caption="Checking dmesg output">
# <i>dmesg | grep TUN</i>
Universal TUN/TAP device driver 1.5 (C)1999-2002 Maxim Krasnyansky
</pre>

<p>
If you build TUN/TAP support as a module, you first must load the <c>tun</c> 
module:
</p>

<pre caption="Load tun module">
# <i>modprobe tun</i>
# <i>lsmod</i>
Module                  Size  Used by
tun                     7296  0
nvidia               4050204  12
</pre>

<p>
Now that the <c>tun</c> module is loaded, check <c>dmesg</c> output.  You 
should see something like the following:
</p>

<pre caption="Checking dmesg output">
# <i>dmesg | grep TUN</i>
Universal TUN/TAP device driver 1.5 (C)1999-2002 Maxim Krasnyansky
</pre>

</body>
</section>
</chapter>

<chapter>
<title>Install Needed Software</title>
<section>
<body>

<p>
Now that you have a working kernel setup, you need to install 
<c>net-misc/vpnc</c>:
</p>

<pre caption="Installing vpnc">
# <i>emerge net-misc/vpnc</i>
</pre>

</body>
</section>
</chapter>




-- 
gentoo-doc-cvs@gentoo.org mailing list