<div>Hi,</div>
<div> </div>
<div>Currently I am running an RRAS server to connect to my subnet.</div>
<div>I would like to replace RRAS with Openswan</div>
<div> </div>
<div>I read about left and right sites, so I will use those too</div>
<div> </div>
<div> </div>
<div>- The left side has the servers(<a href="http://192.168.1.0/24">192.168.1.0/24</a>)</div>
<div>- The right side has the vpn client(unkonw IP, likely private)</div>
<div>- Both sites are behind nat</div>
<div>- The VPN client should get an IP address from the DHCP server at the left site</div>
<div>- I to need login with a local user off the Openswan server</div>
<div>- The openswan server has one network card (<a href="http://192.168.1.1">192.168.1.1</a>)</div>
<div>- The Openswan Server runs on Centos 5.0</div>
<div>- All clients run Windows XP</div>
<div>- No keys or certificates should need to be loaded beforehand on the client, basically everyone with an account should be able to connect to the VPN</div>
<div> </div>
<div>What I would like to know:</div>
<div>- What should my /etc/ipsec.conf and /etc/ipsec.d/* files look like</div>
<div>- What extra configurations steps are there (i.e. generating keys and forwaring ports)</div>
<div> </div>
<div>I read all the documentation I could find on the internet and have learned a lot about openswan and IPSEC in general, but noting has been really useful</div>
<div> </div>
<div>Thanks a great lot in advance</div>
<div> </div>
<div>Serge Fonville</div>