1 |
neysx 08/01/14 17:37:35 |
2 |
|
3 |
Modified: vpnc-howto.xml |
4 |
Log: |
5 |
#205738 Enhanced Tips and Tricks |
6 |
|
7 |
Revision Changes Path |
8 |
1.6 xml/htdocs/doc/en/vpnc-howto.xml |
9 |
|
10 |
file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/vpnc-howto.xml?rev=1.6&view=markup |
11 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/vpnc-howto.xml?rev=1.6&content-type=text/plain |
12 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/vpnc-howto.xml?r1=1.5&r2=1.6 |
13 |
|
14 |
Index: vpnc-howto.xml |
15 |
=================================================================== |
16 |
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/vpnc-howto.xml,v |
17 |
retrieving revision 1.5 |
18 |
retrieving revision 1.6 |
19 |
diff -u -r1.5 -r1.6 |
20 |
--- vpnc-howto.xml 10 Jan 2008 06:15:12 -0000 1.5 |
21 |
+++ vpnc-howto.xml 14 Jan 2008 17:37:35 -0000 1.6 |
22 |
@@ -1,5 +1,5 @@ |
23 |
<?xml version='1.0' encoding='UTF-8'?> |
24 |
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/vpnc-howto.xml,v 1.5 2008/01/10 06:15:12 nightmorph Exp $ --> |
25 |
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/vpnc-howto.xml,v 1.6 2008/01/14 17:37:35 neysx Exp $ --> |
26 |
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> |
27 |
|
28 |
<guide link="/doc/en/vpnc-howto.xml"> |
29 |
@@ -15,6 +15,9 @@ |
30 |
<author title="Contributor"> |
31 |
<mail link="opfer@g.o">Christian Faulhammer</mail> |
32 |
</author> |
33 |
+<author title="Contributor"> |
34 |
+ <mail link="fischer@××××××××××××××.de">Thomas Fischer</mail> |
35 |
+</author> |
36 |
|
37 |
<abstract> |
38 |
This document details how to connect your workstation to a Cisco VPN |
39 |
@@ -25,8 +28,8 @@ |
40 |
<!-- See http://creativecommons.org/licenses/by-sa/2.5 --> |
41 |
<license/> |
42 |
|
43 |
-<version>1.3</version> |
44 |
-<date>2008-01-09</date> |
45 |
+<version>1.4</version> |
46 |
+<date>2008-01-14</date> |
47 |
|
48 |
<chapter> |
49 |
<title>Introduction</title> |
50 |
@@ -755,7 +758,8 @@ |
51 |
</p> |
52 |
|
53 |
<note> |
54 |
-The init scripts don't handle DNS separation. |
55 |
+The init scripts don't handle DNS separation, but you can use the custom |
56 |
+scripts to achieve that. See <uri link="#tipsscript">Tips and Tricks</uri>. |
57 |
</note> |
58 |
|
59 |
</body> |
60 |
@@ -765,12 +769,13 @@ |
61 |
<chapter> |
62 |
<title>Tips and Tricks</title> |
63 |
<section> |
64 |
+<title>Graphical remote access</title> |
65 |
<body> |
66 |
|
67 |
<p> |
68 |
-If you are looking for a linux application that supports RDP (Remote Desktop |
69 |
-Protocol) then give <c>grdesktop</c> a try. It's a GUI app written in Gtk that |
70 |
-fits in well with a gnome desktop, but doesn't require it. If you don't want |
71 |
+If you are looking for a Linux application that supports RDP (Remote Desktop |
72 |
+Protocol) then give <c>grdesktop</c> a try. It's a GUI app written in GTK+ that |
73 |
+fits in well with a Gnome desktop, but doesn't require it. If you don't want |
74 |
the GUI configuration dialogs that grdesktop provides, then just install |
75 |
<c>rdesktop</c>. Ultimately, grdesktop is just a frontend for rdesktop. |
76 |
</p> |
77 |
@@ -806,6 +811,47 @@ |
78 |
|
79 |
</body> |
80 |
</section> |
81 |
+<section id="tipsscript"> |
82 |
+<title>Custom scripts on boot</title> |
83 |
+<body> |
84 |
+ |
85 |
+<p> |
86 |
+The custom-made scripts for the init.d file can be used to setup a user-defined |
87 |
+routing for the vpnc connection. The examples below show how to setup the |
88 |
+routing table so that only connections to 123.234.x.x are routed over the VPN |
89 |
+and all other connections use the default gateway. The example uses |
90 |
+work-preup.sh to save the current default gateway before starting vpnc (which |
91 |
+resets the default gateway using the VPN connection). Once vpnc has been |
92 |
+started, work-postup.sh deletes this new default gateway, restores the old |
93 |
+default gateway and sets the route for all connections to 123.234.x.x to use |
94 |
+the vpnc connection. |
95 |
+</p> |
96 |
+ |
97 |
+<pre caption="/etc/vpnc/scripts.d/work-preup.sh"> |
98 |
+#!/bin/sh |
99 |
+route -n | grep -E '^0.0.0.0 ' | cut -c 17-32 >/var/tmp/defaultgw |
100 |
+</pre> |
101 |
+ |
102 |
+<pre caption="/etc/vpnc/scripts.d/work-postup.sh"> |
103 |
+#!/bin/sh |
104 |
+route del -net 0.0.0.0 netmask 0.0.0.0 dev tun1 |
105 |
+route add default gw $(cat /var/tmp/defaultgw) |
106 |
+route add -net 123.234.0.0 netmask 255.255.0.0 dev tun1 |
107 |
+</pre> |
108 |
+ |
109 |
+<p> |
110 |
+The example scripts assume that the vpnc connection uses tun1 as tun device. |
111 |
+You can set the device name in the connection's configuration file. |
112 |
+</p> |
113 |
+ |
114 |
+<pre caption="/etc/vpnc/work.conf"> |
115 |
+Interface name tun1 |
116 |
+IPSec gateway vpn.mywork.com |
117 |
+Pidfile /var/run/vpnc.work.pid |
118 |
+</pre> |
119 |
+ |
120 |
+</body> |
121 |
+</section> |
122 |
</chapter> |
123 |
|
124 |
<chapter> |
125 |
|
126 |
|
127 |
|
128 |
-- |
129 |
gentoo-doc-cvs@l.g.o mailing list |