Page 3 of 3 FirstFirst 123
Results 41 to 55 of 55
  1. hape's Avatar
    Posts
    556 Posts
    Global Posts
    578 Global Posts
    #41  
    As it looks that are more IBMer here. I got the VPN to IBM working. I will post the instructions in our internal forum in the next days. At the momen I'm testing the writeup with tcurtin.
    Send ma a PM with your IBM Notes address if you what to get an internal mail when the forum thred is up.

    HaPe

    P.s.: Sorry for the IBM spam in the thread ;-)
  2. hape's Avatar
    Posts
    556 Posts
    Global Posts
    578 Global Posts
    #42  
    Quote Originally Posted by NickDG View Post
    I'm an ex-IBMer. Was with themfor 2 1/2 years.
    only that short. I working for IBM since 13 years now :-) .

    HaPe
  3. tcurtin's Avatar
    Posts
    150 Posts
    Global Posts
    151 Global Posts
    #43  
    Hey all - HePe and I have had some success. There's a hitch though:
    In order to properly resolve internal addresses, vpnc needs to modify /etc/resolv.conf. Obviously, we can't be running around with the filesystem in writeable mode. So, you can either leave the IBM nameservers at the top of /etc/resolv.conf and take a timehit every... time... you... check... an... address... and aren't connected to the vpn. Or, you have to add some steps to the vpn signin for mounting as writeable, changing resolv.conf, mounting as readonly, and then starting vpn. when done, do the reverse. Neither is fantastic.

    I have the changes to interfaces made, but that didn't help. Can anyone provide some tips on how to get this working correctly? Something involving /usr/bin/PmNetConfigManager perhaps?

    For what its worth, I've been able to open w3 from my phone over wifi at home.
  4. #44  
    Would love to get this working. Not sure if I would opt to script the nameservers when kicking off VPN or not, but seems like a better solution than paying every time. And the nameservers can't be added to the bottom? I mean, yeah, you'd pay a price when doing stuff internally, but that's less critical, I think. At least for me.

    Might be some way to make it all happen more easily too...

    Either way, would love to get this going. Then get the Sametime patch for messaging. Sweet!

    @tcurtin, can you pm me or email me?
  5. mauro1's Avatar
    Posts
    205 Posts
    Global Posts
    213 Global Posts
    #45  
    howdy fellow IBMers, I've had success with reliable access to the internal network when on the road for work purposes, however I've gone a different route. Instead of looking for a way to make the Pre access the network and (more importantly) the services therein I have opted for a tethering strategy. This strategy sidesteps all the issues regarding application compatibility (notes, sametime, etc) to the detriment of extreme portability.

    Specifically for my function I need a full sized keyboard and display, so i have endeavored to make my tethering solution "bulletproof" Specifically I use the PAN bluetooth profile to provide an interface over which to run MTS/WECM/LMC over. With a VOIP client on my Thinkpad I have even been able to talk and surf at the same time, albeit carefully.

    Send me Notes mail to mauro1 to find out more if interested.
    Palm Pilot -> IBM WorkPad -> Handspring Visor -> Palm VIIx -> Palm T|X -> Palm Pre -> US GSM Palm Pre 2 [shelved] and 16GB HP TouchPad [died] -> (Samsung GNex and 32GB HP Touchpad with CM9)
  6. #46  
    I get the following error and can't open anything.

    Error: either "to" is duplicate, or "(null)" is a garbage.
    VPNC started in background (pid: 21759)...

    Please help?
  7. hape's Avatar
    Posts
    556 Posts
    Global Posts
    578 Global Posts
    #47  
    Hi gmoj1,

    that is an error in the vpnc-script that is distributed with this package. The script needs to be adopted for the Pre. I'm on the way to build a package that includes the needes changes.
    At the momen I'm testing with some clleags. I will post ist as soon as we have a stabile version.

    This is the change neede in vpnc-script to fix this error:
    Code:
    	fix_ip_get_output () {
    #Updated as fix => http://bugs.gentoo.org/show_bug.cgi?id=151852#c3
    #		sed 's/cache//;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit [0-9]\+//g'
    		sed 's/cache//;s/(null)/mtu/;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit [0-9]\+//g'
    	}
    HaPe

    p.s. The dns to your VPN will still not work after that fix. There need to be done more to fix this. The package I'm working on will take care of this
  8. #48  
    Thanks HaPe and where do i need to place this code inside vpnc-script?

    When will you be done with the package? As of now i can't access my univeristy's wifi network because of the way pre handle ssl certificates and was thinking vpn would be the way for me to access those services.

    thanks again
  9. #49  
    i get the following error when pasting the above code either at the beginning or at the end.

    Error: either "to" is duplicate, or "(null)" is a garbage.
    /opt/etc/vpnc/vpnc-script: line 522: cannot create /etc/resolv.conf: Read-only file system
    VPNC started in background (pid: 1606)...
  10. hape's Avatar
    Posts
    556 Posts
    Global Posts
    578 Global Posts
    #50  
    gmoj1,

    I hope to release it soon. I hope not more then a week. Please do not get me wrong, but if you can't do the change with the hint I gave you, then you should wait.

    Hape
  11. #51  
    Thanks HaPe. I really appreciate it... i hope this update doesn't turn out to be like webOS 1.4 update...

    Danke schön.
    Mit freundlichen Grüßen,
    gmoj1
  12. #52  
    I fixed it. I was not doing it correclty. THanks again HaPe.
  13. mauro1's Avatar
    Posts
    205 Posts
    Global Posts
    213 Global Posts
    #53  
    Quote Originally Posted by tcurtin View Post
    Hey all - HePe and I have had some success. There's a hitch though:
    In order to properly resolve internal addresses, vpnc needs to modify /etc/resolv.conf.
    Another alternative is to modify the /etc/dnsmasq.palm.conf so that resolution addresses terminating in "mycompany.com" are resolved by the smarty-pants mycompany.com DNS servers. Add this line
    Code:
    server=/mycompany.com/WW.XX.YY.ZZ
    You also need to disable negative caching so that the phone doesn't remember that a name that was unavailable earlier when the VPN was not active and retries to resolve it now that the VPN is active. Uncomment this line.
    Code:
    no-negcache
    Remember to stop/start dnsmasq to pick up the changes.
    Code:
    # stop dnsmasq
    # start dnsmasq
    Palm Pilot -> IBM WorkPad -> Handspring Visor -> Palm VIIx -> Palm T|X -> Palm Pre -> US GSM Palm Pre 2 [shelved] and 16GB HP TouchPad [died] -> (Samsung GNex and 32GB HP Touchpad with CM9)
  14. hape's Avatar
    Posts
    556 Posts
    Global Posts
    578 Global Posts
    #54  
    Hi mauro,

    the negcache could be the problem that I have at the moment.
    My current implementation replaces the /etc/resolv.conf with a link to a new one at /opt/etc/vpnc/resolv.conf . With that trick the vpnc-script can change the dns servers if the vpnc connection is created.
    This is working most the time. But I found one problem. The EAS background sync can sometimes not resolve the hosname, even if I can ping it the same time from Terminus. Curently I resolved this issue by using the IP address of the EAS server.

    Did you checked the scrips that Palm uses to mange the PPP/wlan connection?
    If not take a look at:
    Code:
    root@palm-webos-device:/etc/pmnetconfig# ls -l
    -rwxr-xr-x    1 root     root         9689 Feb 14 23:34 funcs
    -rwxr-xr-x    1 root     root         1283 Feb 14 23:34 if-down
    -rwxr-xr-x    1 root     root         2603 Feb 14 23:34 if-up
    -rwxr-xr-x    1 root     root         1201 Feb 14 23:34 init
    -rwxr-xr-x    1 root     root           65 Feb 14 23:34 iptablectrl
    -rwxr-xr-x    1 root     root         2981 Feb 14 23:34 iptables-default.config
    -rwxr-xr-x    1 root     root         3098 Feb 14 23:34 iptables-usbnetmode.config
    drwxr-xr-x    2 root     root         4096 Feb 14 23:34 staticroutes
    They also do updated to to the dnsmasq configuration and start/stop the demon. If i understood the scripts right then they relay on the changes they did to this files, so I would not like to drive there scrips crazy.

    I realized that Palm already include a r/w version of the file in the read only one at /etc/dnsmasq.palm.conf:
    Code:
    # Include a another lot of configuration options.
    conf-file=/tmp/pmnetconfig/dnsmasq.server.conf
    Perhaps we can add the once that vpnc gives to the vpnc-script as a parameter and stop/start dnsmasq or a simple "killall -HUP dnsmasq", because that is what the palm function NetCfgCommitDns() in /etc/pmnetconfig/funcs dose after changing the resolv.conf.
    Code:
    # If we modified a dnsmasq conf file, then we need
    # to restart dnsmasq so that it reads the changed
    # conf file. If we only modified resolv.conf, then
    # we only need send a HUP to dnsmasq so that it 
    # re-reads resolv.conf.
    NetCfgCommitDns() {
    What do you think? Can you help here. I'm not that deep in how Linux handles dns and how dnsmasq is working.

    One other question is how the routing is working. I'm not sure if all my Palm traffic in routed via the vpnc connection are only all dns request.

    HaPe
    Last edited by HaPe; 03/07/2010 at 10:24 AM.
  15. hape's Avatar
    Posts
    556 Posts
    Global Posts
    578 Global Posts
    #55  
    Quote Originally Posted by HaPe View Post
    gmoj1,

    I hope to release it soon. I hope not more then a week. Please do not get me wrong, but if you can't do the change with the hint I gave you, then you should wait.

    Hape
    ok, here we go => Howto: Cisco vpn connection

    HaPe
Page 3 of 3 FirstFirst 123

Posting Permissions