I have been using m0n0wall for a few years now, but now I currently have a need for mobile IPSEC Clients.
I followed the setup in the m0n0wall FAQ for the m0n0wall setup.
http://doc.m0n0.ch/handbook/faq.html#id11648547Here is the .vpn file. Copy and paste into notepad and save as a .vpn file and import to shrewsoft.
n:network-ike-port:500
n:network-natt-port:4500
n:network-natt-rate:30
n:network-frag-size:540
n:network-dpd-enable:1
n:client-banner-enable:0
n:network-notify-enable:1
n:client-wins-used:0
n:client-wins-auto:0
n:client-dns-used:0
n:client-dns-auto:0
n:client-splitdns-used:0
n:client-splitdns-auto:0
n:phase1-dhgroup:2
n:phase1-life-secs:54600
n:phase1-life-kbytes:0
n:phase2-life-secs:28800
n:phase2-life-kbytes:0
n:policy-list-auto:0
n:client-addr-auto:0
s:client-ip-addr:10.0.0.10
s:client-ip-mask:255.255.255.255
n:version:2
n:network-mtu-size:1380
n:policy-nailed:0
s:client-saved-username:
n:vendor-chkpt-enable:0
s:network-host:m0n0wall IP or Hostname
s:client-auto-mode:pull
s:client-iface:direct
s:network-natt-mode:enable
s:network-frag-mode:disable
s:auth-method:mutual-psk
s:ident-client-type:ufqdn
s:ident-server-type:address
s:ident-client-data:Client Email Address
b:auth-mutual-psk:Client Pre-Shared Key
s:phase1-exchange:aggressive
s:phase1-cipher:3des
s:phase1-hash:sha1
s:phase2-transform:esp-3des
s:phase2-hmac:sha1
s:ipcomp-transform:disabled
n:phase2-pfsgroup:2
s:policy-list-include:10.0.0.0 / 255.255.255.0
Within the shrewsoft client modify:
IP or hostname
client email address
client PSK
m0n0wall subnet