Using IPSec with pre-shared keys

Introduction

Windows XP can be configured to use IPSec with pre-shared keys. This guide explains how it can be implemented at no cost.

Installation

Prerequisites

You should have a basic knowledge of Windows and of using the command prompt.

Windows XP Service Pack 2 should be installed.

Installing ipseccmd.exe

Download the Windows Support Tools for SP2 from the Microsoft website and install them. The package includes a command-line tool, ipseccmd.exe, which can be used to set up VPN tunnels using IPSec.

Configuration

Download the ipseces.msc MMC snap-in and double-click on it to add IPSec Policy Management functionality.

MMC IPSec

In the example below, we will set up a VPN tunnel using ESP, 3DES and SHA.

192.168.0.1 is the IP address of our computer.
192.168.1.0/255.255.255.0 is the subnet of the remote LAN.
192.0.2.1 is the IP address of the VPN gateway.
Our password is the word secret.

Type in the following three commands to set up the VPN tunnel:

  • ipseccmd -u
  • ipseccmd -f 0=192.168.1.0/255.255.255.0 -n ESP[3DES,SHA] -t 192.0.2.1 -a P:"secret" -1s 3DES-SHA-2 -r vpn
  • ipseccmd -f 192.168.1.0/255.255.255.0=0 -n ESP[3DES,SHA] -t 192.168.0.1 -a P:"secret" -1s 3DES-SHA-2 -r vpn

The VPN tunnel is established when we access the 192.168.1.0/255.255.255.0 subnet range. We can, for example, ping 192.168.1.1 to bring up the VPN tunnel.
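
An added example, not part of the original guide: a Python helper that derives both tunnel rules from one set of inputs, so the mirrored filters and the swapped tunnel endpoints cannot drift apart, and that generates a random pre-shared key to use in place of the sample word. The function names are hypothetical; only the ipseccmd options shown above are used.

```python
import ipaddress
import secrets


def new_psk(nbytes=24):
    """Return a random pre-shared key (hypothetical helper)."""
    # token_urlsafe emits only A-Z, a-z, 0-9, '-' and '_', so the key
    # never contains a double quote and fits inside P:"...".
    return secrets.token_urlsafe(nbytes)


def tunnel_commands(local_ip, remote_net, gateway_ip, psk, rule="vpn"):
    """Build the three ipseccmd lines from this guide out of one set of inputs."""
    local = ipaddress.IPv4Address(local_ip)
    gateway = ipaddress.IPv4Address(gateway_ip)
    # strict=True rejects a "subnet" with host bits set,
    # e.g. 192.168.1.1/255.255.255.0 raises ValueError.
    net = ipaddress.IPv4Network(remote_net, strict=True)
    if local in net:
        raise ValueError("local address lies inside the remote subnet")
    if gateway == local:
        raise ValueError("gateway and local address must differ")
    if not psk or '"' in psk:
        raise ValueError("key must be non-empty and contain no double quote")

    subnet = f"{net.network_address}/{net.netmask}"

    def rule_line(flt, endpoint):
        # Same option order as the commands shown in the guide.
        return (f"ipseccmd -f {flt} -n ESP[3DES,SHA] -t {endpoint} "
                f'-a P:"{psk}" -1s 3DES-SHA-2 -r {rule}')

    return [
        "ipseccmd -u",
        rule_line(f"0={subnet}", gateway),  # this host -> remote LAN, tunnel ends at the gateway
        rule_line(f"{subnet}=0", local),    # remote LAN -> this host, tunnel ends at this host
    ]


if __name__ == "__main__":
    # Addresses are the sample values from the guide; the key is generated.
    for line in tunnel_commands("192.168.0.1", "192.168.1.0/255.255.255.0",
                                "192.0.2.1", new_psk()):
        print(line)
```

The same key must also be configured on the VPN gateway.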

Feedback

If you have any comments, you can contact the author here.

http://www.elandsys.com/resources/ipsec/winpsk.html