Results 1 to 13 of 13
  1.    #1  
    Ok, it looks like I will never have an IPSec VPN client for the Treo 600, but at least there seems to be one included with the 650 (Certicom's Movian VPN).

    My question is: Has anybody used this VPN client to connect to an intranet and been successful? In particular, has anybody used this VPN client in conjunction with Active Sync/MS Exchange?

    I have had the Treo 600 for 4 months now, and by biggest complain is the lack of VPN support: My IT dept won't install Goodlink, so I have to use a redirect from my Exchange account to a POP3 account to check my e-mail in my T600, and I have to synch in order to get my calendar updated. I am willing to upgrade to the 650 (once the GSM version comes out), but only if the combination Movian VPN/Active Sync works well.

    Any information is appreciated,
  2. #2  
    Certicom has discontinued the Movian product line, so at this point I am not aware of any IPSEC VPN client that would work with the Treo 650.

    Is anybody aware of a solution here?
  3. #3  
    I think there are a few good VPN clients out there, but the one i've been using with success is MergicVPN.
  4. #4  
    Mergic is slick! PalmVNC, SMBmate, secure any client/server connection using PPTP.
    -->BtDUN pre- and post- SprintPCS update 1.12 paired to PC and PPC.
    Darth_Maul -- a dark attacker, trained in the Jedi arts.
  5. #5  
    Using Movian VPN IPSEC, works great, good latency, no issues. Using it for PalmVNC/MobileTS to control some servers. Don't use it for email, using Exchange via SSL-IMAP (Wrapped Port) and SSL-SMTP (StartTLS); self-signed cert with firewall rules to only allow Sprint's PCS netblock.
  6. #6  
    Quote Originally Posted by evilghost
    Using Movian VPN IPSEC, works great, good latency, no issues. Using it for PalmVNC/MobileTS to control some servers. Don't use it for email, using Exchange via SSL-IMAP (Wrapped Port) and SSL-SMTP (StartTLS); self-signed cert with firewall rules to only allow Sprint's PCS netblock.
    What's Sprint's Netblock?
    -->BtDUN pre- and post- SprintPCS update 1.12 paired to PC and PPC.
    Darth_Maul -- a dark attacker, trained in the Jedi arts.
  7. #7  
    Quote Originally Posted by pda_jedi
    What's Sprint's Netblock?

    NetRange: 70.0.0.0 - 70.8.255.255, 68.240.0.0 - 68.247.255.255
    CIDR: 70.0.0.0/13, 70.8.0.0/16, 68.240.0.0/13

    Basically, only allows an IP address originating from the Sprint PCS network to connect to the Exchange box on TCP 993/465 for IMAP-SSL/SMTP-SSL.

    Prevents skript-kiddies and another annoyances from trying to "get at me" while not having to incur the bandwidth overhead of IPSEC. All part of a day in the life of an IT Ninja.
  8. #8  
    evilghost, is this why I'm experiencing this:

    http://discussion.treocentral.com/sh...851#post617851

    I thought it was related to the subnet mask Sprint used to change your IP into a broadcast IP?
    -->BtDUN pre- and post- SprintPCS update 1.12 paired to PC and PPC.
    Darth_Maul -- a dark attacker, trained in the Jedi arts.
  9. #9  
    Nah, Subnet mask would have nothing to do with that, their not changing your Source-IP into a broadcast IP, that would screw up TCP handshake. You have a true routable IP address (real IP Address).

    When you go to "Whatismyip.com" you are using Sprint's Internet SQUID proxy server because you are hitting it on HTTP (TCP 80). To get your real IP Address you need to either hit an SSL source or run "ipconfig" from the phone. Let me grab my Treo and tell you how to get your real IP from that phone.
  10. #10  
    Quote Originally Posted by evilghost
    Nah, Subnet mask would have nothing to do with that, their not changing your Source-IP into a broadcast IP, that would screw up TCP handshake. You have a true routable IP address (real IP Address).

    When you go to "Whatismyip.com" you are using Sprint's Internet SQUID proxy server because you are hitting it on HTTP (TCP 80). To get your real IP Address you need to either hit an SSL source or run "ipconfig" from the phone. Let me grab my Treo and tell you how to get your real IP from that phone.
    Ah, a true IT_jedi!
    -->BtDUN pre- and post- SprintPCS update 1.12 paired to PC and PPC.
    Darth_Maul -- a dark attacker, trained in the Jedi arts.
  11. #11  
    When connected to Vision, go into Prefs\Network. It will show your Username/Password. Open the "File" menu, I don't know the name for it, but it's the button on the same horizontal plane as the home button, but on the right side of the phone.

    Select "Options" then "View Log". I believe you want "local IP Address".

    I'm down in my basement and roaming, but that's it I believe. If not, type "Info" and hit enter. You can type "?" for a list of commands, so you can use "ping [hostname]" and more.
  12. #12  
    Why does the "local IP address" under the log not match the IP addresses in Details button in Prefs/Network? That's been my problem.
    -->BtDUN pre- and post- SprintPCS update 1.12 paired to PC and PPC.
    Darth_Maul -- a dark attacker, trained in the Jedi arts.
  13. #13  
    Cause those are the HA servers. I forget what they are, but I believe they are used to authenticate your Vision account. I honestly don't know, but I know that isn't your IP address.

    I know the only way to find our your true IP is to look in the logfile, or perform any kind of traffic operation and watch the other end that wouldn't traverse the SQUID proxy server, like SSH, HTTPS, etc.

Posting Permissions