×

Discussion Board

Page 1 of 22 1234567891011 ... LastLast
Results 1 to 15 of 323
  1. #1
    Registered User
    Join Date
    May 2006
    Posts
    2

    Nokia Mobile VPN VPN-policy file

    Hi!

    I'm trying to get the VPN client working without a Nokia SSM. I have managed to get a VPN-policy into my phone by generating a .sis. What I need to know now is the configuration for a Cisco Concentrator 3000, what I have right now doesn't work. Unfortunately, I couldn't find any documentation anywhere about the subject.
    I'd appreciate any kind of help.

    Thanks,

    ken


    ...

    Code:
    SECURITY_FILE_VERSION: 3
    [INFO]
    VPN-policy-preshared-cisco.pol for Nokia Mobile VPN Client v3.0.
    [POLICY]
    sa ipsec_1 = {
    esp
    encrypt_alg 3
    auth_alg 2
    identity_remote 0.0.0.0/0
    src_specific
    hard_lifetime_bytes 0
    hard_lifetime_addtime 3600
    hard_lifetime_usetime 3600
    soft_lifetime_bytes 0
    soft_lifetime_addtime 3600
    soft_lifetime_usetime 3600
    }
    
    remote 0.0.0.0 0.0.0.0 = { ipsec_1(<vpnserver IP here) }
    
    inbound = { }
    outbound = { }
    
    [IKE]
    ADDR: <vpn server IP here> 255.255.255.255
    MODE: Aggressive
    SEND_NOTIFICATION: TRUE
    ID_TYPE: 11
    FQDN: <vpn group name here>
    GROUP_DESCRIPTION_II: MODP_1024
    USE_COMMIT: FALSE
    IPSEC_EXPIRE: FALSE
    SEND_CERT: FALSE
    INITIAL_CONTACT: FALSE
    RESPONDER_LIFETIME: TRUE
    REPLAY_STATUS: TRUE
    USE_INTERNAL_ADDR: FALSE
    USE_NAT_PROBE: FALSE
    ESP_UDP_PORT: 0
    NAT_KEEPALIVE: 60
    USE_XAUTH: TRUE
    USE_MODE_CFG: TRUE
    REKEYING_THRESHOLD: 90
    PROPOSALS: 1
    ENC_ALG: DES-CBC
    AUTH_METHOD: PRE-SHARED
    HASH_ALG: SHA1
    GROUP_DESCRIPTION: MODP_1024
    GROUP_TYPE: DEFAULT
    LIFETIME_KBYTES: 0
    LIFETIME_SECONDS: 28800
    PRF: NONE
    PRESHARED_KEYS:
    FORMAT: STRING_FORMAT
    KEY: 8 <vpn group password here>

  2. #2
    Registered User
    Join Date
    May 2006
    Location
    /home/pip
    Posts
    41

    Re: Nokia Mobile VPN VPN-policy file

    i found an interesting post about this in google groups.
    but also with this instructions i'm not able to create a sis file to install a vpn-policy on my nokia e60. i hope anyone have more access and can help...

    for makesis.exe i downloaded:
    S60 Platform SDKs for Symbian OS, for C++
    SDK for 3rd Edition

  3. #3
    Registered User
    Join Date
    May 2006
    Posts
    3

    Re: Nokia Mobile VPN VPN-policy file

    Hi!

    I've got the same problem, and I think it's due to the different file structure in Symbian 3rd Edition. I can create a sis, but it doesn't install on my e60. I looked on my phone with a file explorer, and all the system files are at the folder c:\sys and not System anymore. Also there are some security measures, so that you can't access the sys folder (for now).

    I uploaded a pdf file from nokia, how to get the Mobile VPN working with cisco on a Nokia Communicator. Maybe someone can modify the pkg files to make it compatible with the E60?!?

    zeus

  4. #4
    Registered User
    Join Date
    May 2006
    Location
    /home/pip
    Posts
    41

    Re: Nokia Mobile VPN VPN-policy file

    now i can create the sis file too and i can install it. but the policy is not detected under vpn connections. so it seems that i have the same problem with the different file structure...
    Last edited by pipipde; 2006-05-27 at 21:38.

  5. #5
    Registered User
    Join Date
    Jun 2006
    Location
    Germany, Duesseldorf
    Posts
    1

    Unhappy Re: Nokia Mobile VPN VPN-policy file

    Hi there,
    In contrast to some other posters, i'm already stuck with the sis-file creation. Here's what i get:

    C:\Temp>makesis.exe -v VPN-policy-preshared-Cisco.pkg
    Processing VPN-policy-preshared-Cisco.pkg...
    VPN-policy-preshared-Cisco.pkg(1) : processing comment
    VPN-policy-preshared-Cisco.pkg(2) : processing comment
    VPN-policy-preshared-Cisco.pkg(3) : processing comment
    VPN-policy-preshared-Cisco.pkg(5) : processing comment
    VPN-policy-preshared-Cisco.pkg(6) : processing comment
    VPN-policy-preshared-Cisco.pkg(7) : processing vendor name
    VPN-policy-preshared-Cisco.pkg(8) : processing languages
    VPN-policy-preshared-Cisco.pkg(10) : processing comment
    VPN-policy-preshared-Cisco.pkg(11) : processing comment
    VPN-policy-preshared-Cisco.pkg(12) : processing comment
    VPN-policy-preshared-Cisco.pkg(13) : processing header
    Installation type SISCONFIG ignored, application assumed.
    VPN-policy-preshared-Cisco.pkg(15) : processing comment
    VPN-policy-preshared-Cisco.pkg(17) : processing comment
    VPN-policy-preshared-Cisco.pkg(18) : processing file
    VPN-policy-preshared-Cisco.pkg(20) : processing comment
    VPN-policy-preshared-Cisco.pkg(21) : processing comment
    VPN-policy-preshared-Cisco.pkg(22) : processing comment
    VPN-policy-preshared-Cisco.pkg(23) : processing comment
    VPN-policy-preshared-Cisco.pkg(24) : processing comment
    VPN-policy-preshared-Cisco.pkg(25) : processing comment
    VPN-policy-preshared-Cisco.pkg(26) : processing file
    VPN-policy-preshared-Cisco.pkg(29) : processing comment
    VPN-policy-preshared-Cisco.pkg(30) : processing comment
    VPN-policy-preshared-Cisco.pkg(31) : processing dependency
    Unique vendor name not found.

    Generating SIS installation file...
    Created VPN-policy-preshared-Cisco.SIS
    Since i'm working with the just published S60 3rd maintainance release, my makesis might provide more information, especially the "Installation type SISCONFIG ignored, application assumed." one might be important for you.

    As long as i get no updated version of the "Best Practices:
    How to configure Nokia Mobile VPN Client with Preshared Key authentication (case Cisco)" document or another hint, i'm stuck without any vpn solution

    regards,
    marcel

    --- EDIT ---
    I've added
    Code:
    %{"Vendor-EN"}
    &EN
    to the provided VPN-policy-preshared-Cisco.pkg which is new in S60v3 i think.

  6. #6
    Regular Contributor
    Join Date
    Mar 2003
    Posts
    144

    Re: Nokia Mobile VPN VPN-policy file

    Quote Originally Posted by pipipde
    now i can create the sis file too and i can install it. but the policy is not detected under vpn connections. so it seems that i have the same problem with the different file structure...
    Did you do anything differently?

    When I try to install it tells me:

    Cannot install, VPN Policy application not available.

    I check it, it is definitly present on the phone

    Regards
    Max

    PS: tried with a Nokia 6260

  7. #7
    Registered User
    Join Date
    May 2006
    Location
    /home/pip
    Posts
    41

    Re: Nokia Mobile VPN VPN-policy file

    lkz633,
    no i just added the vendor name (like da.bad).

    but i only can install it, it doesn't work!
    perhaps it helps if anybody can give us a vpn-policy from these cisco-routers which work with nokias vpn client...
    piPOIAlert - http://pipoialert.pipip.de

  8. #8
    Registered User
    Join Date
    Jul 2006
    Posts
    1

    Re: Nokia Mobile VPN VPN-policy file

    Anyone have an example SIS for connecting to a Windows Server 2003 VPN Server?

  9. #9
    Registered User
    Join Date
    May 2006
    Location
    /home/pip
    Posts
    41

    Re: Nokia Mobile VPN VPN-policy file

    sschueller:
    at the moment nobody seems to know where (which folder) the vpn-files have to put on the phone (symbian 9.1 3rd) or if the filestructure self is different.
    so in your question is no sense...
    Last edited by pipipde; 2006-07-17 at 18:13.
    piPOIAlert - http://pipoialert.pipip.de

  10. #10
    Registered User
    Join Date
    Aug 2006
    Posts
    7

    Re: Nokia Mobile VPN VPN-policy file

    Today I'he managed to establish vpn from my e60 to cisco pix 6.3(5). i used the above instruction to create sis file. The only problem I had was to sign the sis file. I'm not sure that anybody is still interested in this subject. Pls let me know.

  11. #11
    Regular Contributor
    Join Date
    Mar 2003
    Posts
    144

    Re: Nokia Mobile VPN VPN-policy file

    Hi,

    yes, I am very interested in it.

    Can you show the content of your pkg file?

    How did you sign it, with a slef-created certificate?

    After installation, does it show up inside the vpn application in policy and connection?

    Regards
    Max

  12. #12
    Registered User
    Join Date
    Aug 2006
    Posts
    7

    Re: Nokia Mobile VPN VPN-policy file

    First I tried to sign the sis file with self-signed cert but then you wouldn't be able to install policy file because it's protected application. I used symbian developer cert to sign the file and then installed it with no problem. Of cause it shown in vpn policy section of my phone.

  13. #13
    Registered User
    Join Date
    Aug 2006
    Posts
    7

    Re: Nokia Mobile VPN VPN-policy file

    Here is my policy file:

    SECURITY_FILE_VERSION: 3
    [INFO]
    Moscow Office VPN Policy for Nokia Mobile VPN Client v3.0.
    [POLICY]
    sa ipsec_1 = {
    esp
    encrypt_alg 12 <- AES256
    max_encrypt_bits 256
    auth_alg 3 <- SHA
    identity_remote XXX.XXX.XXX.0/24 <- internal network
    pfs
    src_specific
    hard_lifetime_bytes 0
    hard_lifetime_addtime 3600
    hard_lifetime_usetime 3600
    soft_lifetime_bytes 0
    soft_lifetime_addtime 3600
    soft_lifetime_usetime 3600
    }


    remote XXX.XXX.XXX.0 255.255.255.0 = { ipsec_1(XXX.XXX.XXX.XXX) } <- internal network, the same as above & PIX outside address
    inbound = { }
    outbound = { }


    [IKE]
    ADDR: XXX.XXX.XXX.XXX 255.255.255.255 <- PIX outside address
    MODE: Aggressive
    SEND_NOTIFICATION: TRUE
    ID_TYPE: 11
    FQDN: GroupName <- I don't think it is needed
    GROUP_DESCRIPTION_II: MODP_1024
    USE_COMMIT: FALSE
    IPSEC_EXPIRE: FALSE
    SEND_CERT: FALSE
    INITIAL_CONTACT: FALSE
    RESPONDER_LIFETIME: TRUE
    REPLAY_STATUS: TRUE
    USE_INTERNAL_ADDR: FALSE
    USE_NAT_PROBE: FALSE
    ESP_UDP_PORT: 0
    NAT_KEEPALIVE: 60
    USE_XAUTH: FALSE <- I do not use xauth on my PIX
    USE_MODE_CFG: TRUE <- it must be true to get ip address etc.
    REKEYING_THRESHOLD: 90
    PROPOSALS: 1
    ENC_ALG: AES256-CBC
    AUTH_METHOD: PRE-SHARED
    HASH_ALG: SHA1
    GROUP_DESCRIPTION: MODP_1024
    GROUP_TYPE: DEFAULT
    LIFETIME_KBYTES: 0
    LIFETIME_SECONDS: 86400
    PRF: NONE
    PRESHARED_KEYS:
    FORMAT: STRING_FORMAT
    KEY: 8 PASSWORD

  14. #14
    Regular Contributor
    Join Date
    Mar 2003
    Posts
    144

    Re: Nokia Mobile VPN VPN-policy file

    Hi,

    could you also show pkg file to create sis archive?

    Regards
    Max

  15. #15
    Registered User
    Join Date
    Aug 2006
    Posts
    7

    Re: Nokia Mobile VPN VPN-policy file

    Here is my pkg file:

    ;
    ; A VPN POLICY PACKAGE
    ;
    %{"Vendor-EN"}

    :"ABC Ltd"

    ; LANGUAGES

    &EN

    #{"Moscow VPN Policy"},(0x1000597E),1,0,0,TYPE = SA

    ; Policy file
    "VPN-policy-preshared-Cisco.pol"-"C:\System\Data\Security\Install\VPN-polic­y-preshared-Cisco.pol"

    "VPN-policy-preshared-Cisco.pin"-"C:\System\Data\Security\Install\VPN-polic­y-preshared-Cisco.pin",
    FM, "application/x-ipsec-policy-info"

    (0x1000597E), 1, 0, 0, {"VPN Policy Installer"}

Similar Threads

  1. strange behavior on sending jar file via WAP for different mobile network
    By thone in forum Digital Rights Management & Content Downloading
    Replies: 2
    Last Post: 2005-10-28, 07:53
  2. Replies: 0
    Last Post: 2005-01-05, 11:24
  3. bug in nokia mobile server services...
    By sridhar_ratna in forum General Messaging
    Replies: 0
    Last Post: 2003-05-26, 04:19
  4. Http connection problem in 6310i
    By teahola in forum Mobile Java General
    Replies: 1
    Last Post: 2002-10-03, 18:46
  5. Replies: 1
    Last Post: 2002-08-01, 05:18

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
×