Our admin just changed the vpn stuff to something different and I'd like to know how to connect to the windows vpn from a linux (debian testing) box.
- a certificate file (in
p7bformat, which I was able to convert topem, which supposedly helps...) - the name for a CA that I'm supposed to trust and
- a server name which I'm supposed to connect to (that does not resolve to an IP address when looking it up from the internet, but I still have the IP address I used with the old VPN installation and I think it is still the one to connect to)
The shear amount of acronyms you encounter when trying to figure this out is just amazing (eap-tls? eap-peap? eap-ttls? ???), and I had hopes that the patch at http://www.nikhef.nl/~janjust/ppp/doc.html could help me. But it seems like I need at least all the following:
- Client certificate file
The file containing the certificate chain for the
client in PEM format
- CA certificate file
The file containing the trusted CA certificates in PEM
format.
- Client private key file
The file containing the client private key in PEM format.
The windows guys only need that one file in order to set things up. So I'm not sure whether this is a dead end or how I'm supposed to get those files.
Here are the hopefully crucial bits of the converted-to-pem certificate:
Certificate:
Signature Algorithm: sha1WithRSAEncryption
...
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
...
X509v3 extensions:
1.3.6.1.4.1.311.20.2:
...C.A
X509v3 Key Usage:
Non Repudiation, Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
Does anyone know how to connect to this Windows VPN?
