<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=375480014-23072008><FONT face=Arial size=2>Hi
all,</FONT></SPAN></DIV>
<DIV><SPAN class=375480014-23072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=375480014-23072008><FONT face=Arial size=2>I am attempting to
install an Ubuntu laptop with all the necessary functions for our employees to
use them instead of windows. VPN is the last step but I am not well versed in
VPN so please bear with me.</FONT></SPAN></DIV>
<DIV><SPAN class=375480014-23072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=375480014-23072008><FONT face=Arial size=2>As far as I can see,
openswan can communicate with sonicwall.</FONT></SPAN></DIV>
<DIV><SPAN class=375480014-23072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=375480014-23072008><FONT face=Arial size=2>I would like to know
if the config files are encrypted on the linux boxes, please see below if this
applies even though for Fedora 9. <SPAN class=375480014-23072008><FONT
face=Arial size=2>The admins of our server side (out sourced) want to be
reassured.</FONT></SPAN></FONT></SPAN></DIV>
<DIV><SPAN class=375480014-23072008><FONT face=Arial size=2><SPAN
class=375480014-23072008></SPAN></FONT></SPAN> </DIV>
<DIV><SPAN class=375480014-23072008><FONT face=Arial size=2><SPAN
class=375480014-23072008>From thread: <A
href="http://lists.openswan.org/pipermail/users/2008-June/014788.html">http://lists.openswan.org/pipermail/users/2008-June/014788.html</A></SPAN></FONT></SPAN></DIV>
<DIV><SPAN class=375480014-23072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=375480014-23072008>
<DIV dir=ltr align=left><SPAN class=406063013-23072008>><I> Can I use PAM or
some other currently existing auth scheme instead of<BR></I>><I>
chap-secrets? (I suppose this is an xl2tpd question, but any
advice?<BR></I>><I> This would be the deal breaker, because I'm trying to
avoid foo-secret</I>><I> plaintext password files.)<BR></I><BR>If you use
X.509 certs (not PSK) then you have no plaintext passwords<BR>anywhere. xl2tpd
calls pppd which can call whatever you want with its<BR>own auth modules (eg PAM
or Radius)</SPAN></DIV><SPAN class=406063013-23072008></SPAN></SPAN></DIV>
<DIV><SPAN class=375480014-23072008><SPAN
class=406063013-23072008></SPAN></SPAN> </DIV>
<DIV><SPAN class=375480014-23072008><SPAN class=406063013-23072008><FONT
face=Arial size=2>Can openswan either import or "just" read .rcf and/or .spd
config files?</FONT></SPAN></SPAN></DIV>
<DIV><SPAN class=375480014-23072008><SPAN class=406063013-23072008><FONT
face=Arial size=2></FONT></SPAN></SPAN> </DIV>
<DIV><SPAN class=375480014-23072008><SPAN class=406063013-23072008><FONT
face=Arial size=2>Are there any special considerations for this VPN connection
type I should be aware of?</FONT></SPAN></SPAN></DIV>
<DIV><SPAN class=375480014-23072008><SPAN class=406063013-23072008><FONT
face=Arial size=2></FONT></SPAN></SPAN> </DIV>
<DIV><SPAN class=375480014-23072008><SPAN class=406063013-23072008><FONT
face=Arial size=2>Any help would be great.</FONT></SPAN></SPAN></DIV>
<DIV><SPAN class=375480014-23072008><SPAN class=406063013-23072008><FONT
face=Arial size=2></FONT></SPAN></SPAN> </DIV>
<DIV><SPAN class=375480014-23072008><SPAN class=406063013-23072008><FONT
face=Arial size=2>Thanks.</FONT></DIV></SPAN>
<DIV dir=ltr align=left><SPAN class=406063013-23072008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=406063013-23072008><SPAN
class=375480014-23072008><FONT face=Arial
size=2>regards</FONT></SPAN></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=406063013-23072008><SPAN
class=375480014-23072008><FONT face=Arial
size=2>Mark</FONT></SPAN></DIV></SPAN></SPAN></BODY></HTML>