If your company or workplace has Cisco VPN infrastructure, but you also need to connect to a remote site using IPsec, and you are a Linux desktop user, this tip shows how to run both at the same time.
Already configured vpnc to connect to VPN
Already configured ipsec to connect to remote sites
Already configured Internet connection
Internet to VPN
There are plenty of guides out there on connecting to a corporate VPN. The important thing to consider is that the two daemons (vpnc and the IPsec daemon, pluto for StrongSwan) CANNOT bind to the same port. So in the case of vpnc, the way to start it is:
vpnc <name_of_your_profile> --local-port 0
If you run it this way, you'll see that the vpnc daemon is bound to a random UDP port on your interfaces. You can use netstat to find out which port it is using. Now that you are connected to your VPN, it's time to use IPsec…
Connect to remote sites using IPSEC
StrongSwan is one of the most widely used IPsec implementations for Linux. One restriction of StrongSwan is that when it starts the pluto daemon, the daemon must be started on UDP port 500. Since you have started vpnc on a different port, there shouldn't be a problem running this one too:
You can check the logs you configured for ipsec, and you can also use netstat to see which port is being used. With the daemon initialized, you can now open ipsec connections:
ipsec up <conn_name_configured_in_ipsec.conf>
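The netstat check mentioned above can be scripted. This is an added example, not part of the original post: it reads `netstat -ulnp` style output on stdin and confirms that vpnc is off UDP 500 while pluto holds it. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example. Live use (root is needed to see program names):
#   netstat -ulnp | check_coexistence

# Print the UDP ports bound by program $1, one per line, sorted.
udp_ports_for() {
    awk -v prog="$1" '
        $1 ~ /^udp/ {
            n = split($NF, p, "/")      # last field is PID/Program name
            if (n == 2 && p[2] == prog) {
                m = split($4, a, ":")   # port follows the last colon
                print a[m]
            }
        }' | sort -n | uniq
}

# Return 0 only when vpnc has a socket off UDP 500 and pluto holds 500.
check_coexistence() {
    out=$(cat)
    vpnc_ports=$(printf '%s\n' "$out" | udp_ports_for vpnc)
    pluto_ports=$(printf '%s\n' "$out" | udp_ports_for pluto)
    if printf '%s\n' "$vpnc_ports" | grep -qx 500; then
        echo "conflict: vpnc holds UDP 500, restart it with --local-port 0"
        return 1
    fi
    if ! printf '%s\n' "$pluto_ports" | grep -qx 500; then
        echo "pluto is not bound to UDP 500"
        return 2
    fi
    if [ -z "$vpnc_ports" ]; then
        echo "pluto is on UDP 500, but vpnc has no UDP socket"
        return 3
    fi
    echo "ok: vpnc on UDP $(echo $vpnc_ports | tr ' ' ','), pluto on UDP 500"
}

# Constructed sample output: vpnc on a random port, pluto on 500/4500.
SAMPLE_OK='Proto Recv-Q Send-Q Local Address    Foreign Address  State  PID/Program name
udp        0      0 0.0.0.0:500      0.0.0.0:*               2211/pluto
udp        0      0 0.0.0.0:4500     0.0.0.0:*               2211/pluto
udp        0      0 0.0.0.0:38412    0.0.0.0:*               1934/vpnc
udp6       0      0 :::500           :::*                    2211/pluto'

# Constructed sample output: vpnc started on its default port, pluto absent.
SAMPLE_CONFLICT='Proto Recv-Q Send-Q Local Address    Foreign Address  State  PID/Program name
udp        0      0 0.0.0.0:500      0.0.0.0:*               1934/vpnc'
```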
Now that you have configured different ports for the two daemons, it's quite simple to use both at the same time. This approach lets you use Linux and open source software instead of $$indows and $$isco proprietary software.