Search Discussions:
Advanced Search...
Welcome to Nokia Support Discussions! Here you can share advice and tips with thousands of other Nokia users around the world in English. Many Nokia employees also follow and participate in the discussions, see our guidelines for more information. Everyone can search and read the discussions, but to post your own question or reply to others, simply sign in with your Nokia account. If this is your first time here, you can choose an alias to represent you. And if you don't have a Nokia account yet, please register.
Reply

Re: Mobile VPN for N8

Contributor
twiggy
Posts: 7

Re: Mobile VPN for N8

Ismo, thanks, PM sent.

Please use plain text.
Contributor
twiggy
Posts: 7

Re: Mobile VPN for N8

I just want to say a big "Thank you" to Ismo. He suggested a small change to my .pol file and now it's all working. Hurray!

Please use plain text.
Advisor
gtallan
Posts: 24

Re: Mobile VPN for N8

I'm afraid I'm also arriving here to beg for assistance! I think my situation is probably similar to that of petri71 and possibly twiggy. I know that my VPN provider is using a Cisco 5500 ASA, and they support both IPsec via AnyConnect and the legacy Cisco IPsec client, as well as third-party IPsec clients, the built-in clients of MacOS or iphone, and L2TP. So it seems fairly likely it should be possible to have the Nokia client also work. For connecting with (for example) an iPhone client, they provide the following information: Server Group name Secret then also my own username and password. I am guessing that this probably implies IKE preshared key with RADIUS, so tried using the Client Policy Tool to build a policy using the provided server, group name (as "identity value") and secret, but only get errors when I try to use it to connect. Does any of this make sense, and does it seem like it can be supported? I've attached my generated policy file (with group and secret removed). Would be most grateful for any advice! Graham
Please use plain text.
Advisor
gtallan
Posts: 24

Re: Mobile VPN for N8

Formatting of my last post was horrible, sorry! The two errors I got when trying to connect as described were firstly "received an error response from VPN gateway (its ip address), VPN access point (policy name), error code 14", followed by "Failed to activate VPN access, reason code -5258", which is "IKE negotiation with gateway failed because there was no acceptable proposal." in the admin guide. - Graham
Please use plain text.
Counsellor
petri71
Posts: 34

Re: Mobile VPN for N8

Hi Graham....

 

All I know about my case is that Ismo found a way to create the VPN policies for Witopia customers on Nokia N8. 

 

Please use plain text.
Advisor
gtallan
Posts: 24

Re: Mobile VPN for N8

 


petri71 wrote:

Hi Graham....

 

All I know about my case is that Ismo found a way to create the VPN policies for Witopia customers on Nokia N8. 

 


 

That's great to know, gives me hope it should be able to work for me too.

 

I did find a cisco pcf file for our VPN, and as far as I can tell, the items that correlate between the .pcf and the .pol files do make sense, but there are a lot of extra parts to the .pol file, so I still have something wrong.

 

Graham

Please use plain text.
Advisor
gtallan
Posts: 24

Re: Mobile VPN for N8

I got a little closer, by changing the hash and encryption algorithms in the .pol file.

Changing the IKE proposal to 3DES-CBC and MD5 got me a login prompt.

Changing the IPsec AS hash to MD5 got it to accept the password.

The VPN client log shows me authenticated to the gateway and obtaining an ip address.

But just after the VPN access point becomes active I get another error, "error from vpn gateway, error code 14", and the VPN access  point deactivates again...

 

Please use plain text.
Ex-employee (retired)
IsmoK
Posts: 101

Re: Mobile VPN for N8

Hi gtallan,

 

Error code 14 is NO_PROPOSAL_CHOSEN

so some parameter does not match the GW

configuration. Send me a PM and I will look

at it.

 

Thanks,

 

Ismo

 

Please use plain text.
Advisor
Posts: 17

Re: Mobile VPN for N8

[ Edited ]

[Edit: this was meant to have been a reply to a much earlier reply by IsmoK, oh well]

There is an often mentioned problem with the Nokia Configuration tool - in VPN mode, you cannot save a config because it throws up an error about .NET v2 not being installed. Well, it is installed or at least a later version is installed as would be expected - v2 is OLD!! So, it's even more complications....

 

All I want to do is configure Witopia using IPsec [Cisco] for use on my Nokia N8. The guys at Witopia have tried to be real helpful, and it looks like you have tried to be too, but what are we supposed to do? I want to stay with Nokia but sometimes things that are easy on other platforms end up being so complicated!

 

Feel free to message me or engage me in testing if you have a non-PPTP solution to configuring Witopia. The Windows config instructions, which I've tried successfully, are here:

https://www.hopthewall.com/wiki/wiki/Installing_personalVPN-IPsec_on_Windows

and the gateways are here:

https://www.hopthewall.com/wiki/wiki/Selecting_your_WiTopia_Cisco_IPsec_VPN_Service_Gateway

[I'm wanting London].

 

Thanks. 

Please use plain text.
Ex-employee (retired)
IsmoK
Posts: 101

Re: Mobile VPN for N8

Hi dougalzene.

 

I'll send you a PM.

 

Thanks,

 

Ismo

 

Please use plain text.
Advisor
Moritz_JT
Posts: 27

Re: Mobile VPN for N8

You can specify a unique DNS to use... It is located under advanced view somewhere...
Please use plain text.
Mobile Visionary
donofworld
Posts: 1,190

Re: Mobile VPN for N8

does this vpn app support udp protocole connection?

"If I'm helpful in anyway, a click of appreciation on the star button would be considered as thanks.....Current phone Nokia Lumia 920
Please use plain text.
Ex-employee (retired)
IsmoK
Posts: 101

Re: Mobile VPN for N8

Hi,

 

Nokia Mobile VPN Client supports IPsec connections using tunnel mode with UDP encapsulation.

 

Thanks,

 

Ismo

 

Please use plain text.
New Member
alishark
Posts: 1

Re: Mobile VPN for N8

[ Edited ]

hi.is that support pptp protocol?i have n8 please help me.i want vpn software witch support pptp protocol.is that exist?please help me.

Please use plain text.
Advisor
Moritz_JT
Posts: 27

Re: Mobile VPN for N8

If you read through the pages, you'll find out, that the only suitable PPTP solution was developped by telexy and is currently discontinued for S^3. So not PPTP for N8 in any working state as far as I am informed.

Please use plain text.
New Member
Helac
Posts: 2

Re: Mobile VPN for N8

[ Edited ]

Hei Ismok,

can you please help me?

First Hi and that is a nice Forum here. Iam Philipp from Germany.

Ive got an Nokia N8 and at our University in Heilbronn, there are 2 WiFi access possibilities.

First, the Eduroam, which i've tried to connect to for about 1 week...

There is the problem that the Radius Server dont likes the Nokia? )=

 

Second, via a IPsec VPN Tunnel from a second (open) Wifi, called Belwue.

Ive already installed the MobieVPN Client from Nokia and created from the pcf the .pol files.

Ive attached that 2.

Now before entering with Opera browser there comes in the protocoll: "Failed to activate VPN accespoint 'Fhhn', reason code -2"

The files are here attached, the group iss: "fhhn"  shareed secret:"fhhnvpn"

 

How do i have to activate the vpn connection, ive got 5 points to go to internet(wifi) and one under the category "Intranet". I selected, when Opera asks me, the Fhhn-VPN connection.

Is that ok, do i not first have to select the wifi-network? Or asks me opera that after?

 

Many questions for now.

Can you help me Ismo? Just look the files added...

you can also mail me..

thank you very much...

 

 

EDIT: i cannot add here the files.

 

 

MODERATOR'S NOTE:  We would like to inform you that we have removed your email address as it is unwise to publish personal details on a public forum.

Please use plain text.
New Member
Helac
Posts: 2

Re: Mobile VPN for N8

now here the two files:

fhhn.pcf:

****************************************************************** 

[main]
Description=FHHN
Host=vpn.hs-heilbronn.de
AuthType=1
GroupName=fhhn
GroupPwd=
enc_GroupPwd=D5FC7D16D19E9B4F79E0A2D0C1074DEB3A3DAEF15055B67A779AF0E8928DB160EEE1A225BA0D5D35CCA56DBCD10245BD
EnableISPConnect=0
ISPConnectType=1
ISPConnect=
ISPCommand=
Username=
SaveUserPassword=0
UserPassword=
enc_UserPassword=
NTDomain=
EnableBackup=0
BackupServer=
EnableMSLogon=1
MSLogonType=0
EnableNat=1
TunnelingMode=0
TcpTunnelingPort=10000
CertStore=0
CertName=
CertPath=
CertSubjectName=
CertSerialHash=00000000000000000000000000000000
SendCertChain=0
VerifyCertDN=
DHGroup=2
ForceKeepAlives=0
PeerTimeout=90
EnableLocalLAN=0
EnableSplitDNS=1
 *********************************************************************************

 

and my VPN-policy-preshared-Cisco.pol:

^********************************************************************************

SECURITY_FILE_VERSION: 3
[INFO]
VPN-Policy for Nokia Mobile VPN Client v3.0.
[POLICY]
sa ipsec_1 = {
esp

encrypt_alg 2=DES, 3=3DES, 12=AES
auth_alg 2=MD5, 3=SHA-1
MODE Aggressive, MAIN
GROUP_DESCRIPTION_II MODP_768 (DH-Group 1),
MODP_1024 (DH-Group 2),
MODP_1536 (DH-Group 5),
MODP_3072 (DH-Group 7)
ENC_ALG DES-CBC, 3DES-CBC, AES256-CBC
HASH_ALG MD5, SHA1
GROUP_DESCRIPTION MODP_768 (DH-Group 1),
MODP_1024 (DH-Group 2),
MODP_1536 (DH-Group 5),
MODP_3072 (DH-Group 7)


max_encrypt_bits 256

identity_remote 0.0.0.0/0
src_specific
hard_lifetime_bytes 0
hard_lifetime_addtime 3600
hard_lifetime_usetime 3600
soft_lifetime_bytes 0
soft_lifetime_addtime 3600
soft_lifetime_usetime 3600
}

remote 0.0.0.0 0.0.0.0 = { ipsec_1(193.197.62.113) }
inbound = { }
outbound = { }

[IKE]
ADDR: 193.197.62.113 255.255.255.255
MODE: Aggressive
SEND_NOTIFICATION: TRUE
ID_TYPE: 11
FQDN: fhhn
GROUP_DESCRIPTION_II: MODP_1024
USE_COMMIT: FALSE
IPSEC_EXPIRE: FALSE
SEND_CERT: FALSE
INITIAL_CONTACT: FALSE
RESPONDER_LIFETIME: TRUE
REPLAY_STATUS: TRUE
USE_INTERNAL_ADDR: FALSE
USE_NAT_PROBE: FALSE
ESP_UDP_PORT: 0
NAT_KEEPALIVE: 60
USE_XAUTH: TRUE
USE_MODE_CFG: TRUE
REKEYING_THRESHOLD: 90
PROPOSALS: 1
ENC_ALG: 3DES-CBC
AUTH_METHOD: PRE-SHARED
HASH_ALG: MD5
GROUP_DESCRIPTION: MODP_1024
GROUP_TYPE: DEFAULT
LIFETIME_KBYTES: 0
LIFETIME_SECONDS: 28800
PRF: NONE
PRESHARED_KEYS:
FORMAT: STRING_FORMAT
KEY: 7 fhhnvpn
*******************************************************************************
 

 

Please use plain text.
Ex-employee (retired)
IsmoK
Posts: 101

Re: Mobile VPN for N8

Hi Helac.

 

I will send a Private Message to you.

 

Thanks,

 

Ismo

 

Please use plain text.
Contributor
mohsenkeshani
Posts: 7

Re: Mobile VPN for N8

i have n8 too and i downloaded the vpn client and every thing about it but i can't setup and fix it.it installed but don't work!what am i must doing?help me iwant the vpn!:smileymad:

Please use plain text.
New Member
joni_k
Posts: 1

Re: Mobile VPN for N8

Hi,

 

Does anyone has tested MobileVPN through Checkpoint R7x  because NGX isn't supported anymore

 

 

Thanks,

 

JK

Please use plain text.