betabug... Sascha Welter

home english | home deutsch | Site Map | Sascha | Kontakt | Pro | Weblog | Wiki

VPN Notes

VPN from Nokia Symbian phone to OpenBSD IPsec

... it works.

I've managed to set up a VPN connection from my Nokie e71 mobile phone to my OpenBSD server. I've used the Nokia VPN client for Symbian on the phone and the normal OpenBSD IPsec setup in /etc/ipsec.conf on the server (with OpenBSD 4.6-stable).

Nokia config:

There are two alternative ways of doing this:

  1. Using Nokia's windows-only point-and-click config tool ("Nokia Mobile VPN Client Config Tool"): Nokia VPN Clicky-Config
  2. Using plain text config files (for those who know what they're doing or for those who just want to copy&paste an example and do minimal changes: Nokia VPN Config Files

In both cases you should end up with one file ending in .vpn that you transfer to the phone (e.g. by bluetooth) and open there. It is (at least on my e71) no longer necessary to sign this file. It's basically just a .zip file that is renamed with a .vpn extension.

Further setup on the phone:

I'm not trying to recreate the VPN user manual here (yes, there is such a thing, in PDF form). To configure the VPN with your new policy, this is a rough outline what you do:

  1. Open the policy file that you transferred to the phone
  2. go to "Settings -> Connection -> VPN", check in "VPN Management -> VPN policies" that the stuff arrived, you might also want to take note that there is "VPN Management -> VPN logs".
  3. Open "VPN access points". If you have no "VPN access point" yet, create one. Give it a name, select your new policy, link it to an "Internet access point" that you use for normal TCP/IP access on your phone.
  4. Use a program that accesses the net and lets you choose an access point for that (i.e. almost any of them), you should see your new VPN access point in the list, choose it and connect.
  5. If you have problems, use the trace debug procedure described in Nokia VPN Clicky-Config to see what isakmpd is actually getting from the phone.

If you are using the free version of SmartConnect from www.birdstep.com to ease your Symbian life when it comes to access points, then you should note that the free version will not work with your VPN connection: You can select your "smart connect" access points in the "VPN access point" screen, but the phone will never connect the VPN server. Apparently it should work in the paid version. I don't have that, so I can't tell. (If you don't use the free SmartConnect version on your e71, well, you should. It makes life a lot easier.)

If you get errors (you can see them in the VPN log in the phone's settings), check out the error codes from Nokia's VPN error code specifications.

Comments:

If you want, you can comment on the blog post that went with these docs.

Questions, help, support

I can not help you. I have written down the information that I have, you're on your own now.