<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.6000.16525" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>Short Answer: Yes</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>Explanation:</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>To Openswan "client" and "server" are somewhat
subjective.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>In IPSec both sides work the same way, the only significant
difference being who starts the tunnel?</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>If both have static ip's then either can start the
tunnel.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>If one has a dynamic ip, then it must start the tunnel
(client), and the static ip must respond (server).</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>Both sides can be configured to allow traffic from the
local lan to use the tunnel.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>The configuration varies depending on what you want to
do.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>Are both computers directly connected to
the internet or is one or both behind an internet
gateway?</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>Do you want the "client" to be able to tunnel just to the
"server"?</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>Or do you want the "client" to be able to tunnel to the
"server"s lan also?</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=434165413-26092007><FONT face=Arial
color=#0000ff size=2>Do you want the "client"s lan to be able to tunnel to the
"server" and the "server"s lan also?</FONT></SPAN></DIV>
<DIV><FONT face=Arial color=#0000ff size=2></FONT> </DIV>
<DIV align=left><FONT face=Arial size=2>Peter McGill</FONT></DIV>
<DIV> </DIV><BR>
<BLOCKQUOTE dir=ltr
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> users-bounces@openswan.org
[mailto:users-bounces@openswan.org] <B>On Behalf Of </B>mix<BR><B>Sent:</B>
September 26, 2007 2:19 AM<BR><B>To:</B>
users@www.openswan.org<BR><B>Subject:</B> [Openswan Users] Can openswan act as
a vpn client<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV><FONT face=微軟正黑體 size=2>Hi there</FONT></DIV>
<DIV><FONT face=微軟正黑體 size=2></FONT> </DIV>
<DIV><FONT face=微軟正黑體 size=2>I need to build a VPN tunnel mode between two
linux machines.</FONT></DIV>
<DIV><FONT face=微軟正黑體 size=2></FONT> </DIV>
<DIV><FONT face=微軟正黑體
size=2>
tunnel mode</FONT></DIV>
<DIV><FONT face=微軟正黑體 size=2>linux client -------------- linux server (using
openswan) ----- Internet</FONT></DIV>
<DIV><FONT face=微軟正黑體 size=2></FONT> </DIV>
<DIV><FONT face=微軟正黑體 size=2>Server side using the openswan.</FONT></DIV>
<DIV><FONT face=微軟正黑體 size=2>Can openswan act as a VPN client
too?</FONT></DIV>
<DIV><FONT face=微軟正黑體 size=2></FONT> </DIV>
<DIV><FONT face=微軟正黑體 size=2>Best regards.</FONT></DIV>
<DIV> </DIV></BLOCKQUOTE></BODY></HTML>