LizardVPN

From LizardWiki, FastLizard4's wiki and website
Revision as of 03:30, 9 April 2013 by FastLizard4 (Talk | contribs) (I guess the app switching only works on iPad)

Jump to: navigation, search

LizardVPN is a VPN service offered to users of ridley.fastlizard4.org. It uses the Layer 2 Tunneling Protocol with Internet Protocol Security (L2TP/IPSec) system, and uses standard PAM authentication - that is, you log in using your existing ridley.fastlizard4.org SSH username and password.

Please be advised that you must have protected your login with two-factor authentication to use LizardVPN, regardless of whether you use passwords or SSH keys to perform SSH login to ridley. This is to curb abuse as well as provide an extra layer of protection. If you do not already have two-factor auth set up on ridley for your account, please go here to set it up before continuning on this page. Instructions on how to log in to the VPN with your passwod and two-factor verification code are below.

Please be aware that this service is provided with a great measure of trust. Abuse of the VPN will not be taken lightly, and will probably result in your access to LizardNet to be completely suspended.

Also, be aware that at this time, LizardVPN only supports IPv4 connections, but they may be behind NAT or direct. This is why you must specify ipv4.ridley.fastlizard4.org instead of just ridley.fastlizard4.org, since you have to force IPv4 even if you're on an IPv6 connection.

Setup and use

If you are familiar with VPN setup, the basic connections details are in the table to the right. Step-by-step instructions for various operating systems follow.

Windows 7

These instructions were written for Microsoft Windows 7. They may or may not be easily applicable to other versions of Windows.

First-time setup

  1. Open the Network and Sharing Center
  2. Under Change your networking settings, click Set up a new connection or network
  3. In the wizard that appears, select Connect to a workplace: Set up a dial-up or VPN connection to your workplace and click Next.
  4. If asked "Do you want to use a connection that you already have?", select No, create a new connection and click Next.
  5. Click Use my Internet connection (VPN)
  6. At the Internet address prompt, enter ipv4.ridley.fastlizard4.org.
  7. At the Destination name prompt, enter LizardVPN
  8. Check the checkbox Don't connect now; just set it up so I can connect later. Check or uncheck the other two boxes as you wish, though do not check "Use a smart card" if you don't know what you're doing.
  9. You will now be prompted to "Type your username and password". Enter your SSH login username at Username, but leave all other fields and checkboxes blank/unchecked, and click Create.
  10. If you've done everything correctly, you'll see "The connection is ready to use". Click Close; do not click "Connect now".
  11. Now, click the networking icon in your system tray to open the Connect to menu
  12. Under Dial-up and VPN, click LizardVPN, then Connect
  13. In the dialog box that appears, click Properties
  14. Go to the Security tab
  15. Under Type of VPN, select Layer 2 Tunneling Protocol with IPSec (L2TP/IPsec) in the dropdown menu, then click Advanced settings
  16. Tick the radio button Use preshared key for authentication, and in the text box Key enter LIZARDNETIPSECVPN2005. Click OK.
  17. Under Data encryption, select Maximum strength encryption (disconnect if server declines) from the dropdown menu.
  18. Under Authentication, make sure that the Allow these protocols radio button is ticked, and ensure that Unencrypted password (PAP) is checked.
  19. Make sure that Automatically use my Windows logon name and password (and domain, if any) is unchecked.
  20. Click OK to go back to the "Connect LizarVPN" dialog box and continue in the next section ("Logging in").

Logging in

  1. If you haven't already, open the "Connect LizardVPN" dialog box by:
    1. Clicking the networking icon in your system tray to open the Connect to menu
    2. Under Dial-up and VPN, click LizardVPN, then Connect
  2. In the "Connect LizardVPN" dialog box, enter your SSH login username for User name if it isn't there already. Ensure that Domain is blank.
  3. Get a two-factor auth token from your two-factor code app.
  4. For Password, enter your SSH login password immediately followed by the token you got in the previous step.
    • For example, if your SSH login password is p@ssword and the token your app gave you is 123456, then you'd enter p@ssword123456 as your password in the dialog box.
  5. Click Connect
  6. If everything works, the dialog box indicating connection status will disappear. Visit http://myip.dk, and if you're connected, you should see ridley.fastlizard4.org appear on the page!

Disconnecting

  1. To disconnect, click the networking icon in the system tray again to open the Connect To menu
  2. Under Dial-up and VPN, select LizardVPN and click Disconnect.

iOS (including iPhone, iPod Touch, and iPad)

Note: These guides were written using an iPad 2 running iOS 6.1. Depending on your device and iOS version, the instructions may differ slightly.

First-time setup

VPN setup on an iPad. Click to enlarge.

Note: You may use the image to the right as a reference.

  1. Open the Settings app.
  2. Go to General> VPN and select Add VPN Configuration... if the "Add configuration" dialog doesn't open automatically when you open VPN settings.
  3. Select L2TP at the top, and enter the following:
    • Description: LizardVPN
    • Server: ipv4.ridley.fastlizard4.org
    • Account: your SSH login username
    • RSA SecurID: OFF
    • Password: leave blank
    • Secret: LIZARDNETIPSECVPN2005
    • Send All Traffic: ON
  4. Make sure Proxy is Off, then hit Save in the upper-right corner.
  5. LizardVPN: Custom should now appear under Choose a Configuration; ensure that it is checked (if it isn't, simply tap it).
  6. Continue in the next section to connect!

Logging in

  1. Open the Settings app.
  2. Under the Bluetooth toggle (in the left-hand column on iPads, or at the top of the Settings screen on iPod Touches/iPhones), there is a new VPN item. If LizardVPN is your only VPN, simply hit the switch to begin connection! Otherwise, selecting it will take you to the VPN menu. Make sure that LizardVPN: Custom is checked, and toggle the VPN switch at the top of the screen.
  3. You'll be prompted for your password. Enter your SSH login password immediately followed by your two-factor auth token.
    • For example, if your SSH login password is p@ssword and the token your app gave you is 123456, then you'd enter p@ssword123456 as your password in the dialog box.
    • Note: If your authenticator app is on the same device that you're trying to VPN from, you might have to juggle a little. I, using my iPad, was able to enter my password at the password prompt, switch to my authenticator app to get my two-factor auth code, then switch back to Settings to finish entering my password and code and connect to the VPN. Others (on iPod Touches and iPhones) were not able to do the same; instead, one should first check their authenticator app and get a two-factor auth code, then switch to Settings, then start the VPN connection and enter the two-factor auth code first while it's still fresh, then moving the cursor to the start of the password prompt and entering your password.
    • Hit Done in the upper-right corner.
  4. If it works, the VPN toggle will change to "ON"! Visit http://myip.dk in your browser, and you should see ridley.fastlizard4.org!

Disconnecting

  1. Return to the Settings app.
  2. Hit the VPN toggle again to change it from "ON" to "OFF". You have successfully disconnected.