[Openswan dev]

Michael Richardson mcr at sandelman.ottawa.on.ca
Wed Jun 28 19:15:36 CEST 2006

>>>>> "Patrice" == Patrice Tcherkezian <patrice.tcherkezian at noven.fr> writes:
    Patrice> I've got an wifi access controller in an Hotel for example. It's
    Patrice> connected to Internet with an ADSL Router and the IP adress of
    Patrice> the ISP is a dynamic IP Adress.


    Patrice> This access control has to connect to my radius installed in my
    Patrice> NOC. I create a VPN between the access controller and my NOC
    Patrice> with Openswan IPSEC.


    Patrice> But, I want to have a monitoring of my AC with Nagios installed
    Patrice> in my NOC too. And Nagios needs the Access Controller to have a
    Patrice> known static IP Adress. (My Radius needs the same thing too)

    Patrice> How can I do ? Because, with my VPN, I suppose that the Access
    Patrice> Controller is always seen from my NOC with its dynamic IP adress
    Patrice> of the ISP.

  So, assign an IP address that you control, that is unique for you,
and is routeable to your network through your IPsec gateway. 
  This might a private network that you route to the NOC gateway, or 
might even be public address space. 
  let this ip= A.B.C.D
  Extrude this IP to each of your access controllers:

conn access-controller

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

    "The Microsoft _Get the Facts CD_ does not work on Linux." - orospakr

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/dev/attachments/20060628/96afb23d/attachment.bin

More information about the Dev mailing list