[Openswan Users] How to setup connection between openswan server and windows clients in same subnet?

Victor Soroka gbs at tnss.kharkov.ua
Wed Aug 4 16:39:34 CEST 2004


Hello friends!

I have stupid question, but I can't find answer almost a week.

What I have:

		Internet
		|
	1.2.3.4
<Linux openswan>
	176.17.17.1
	|	|	|	|	|
	UNTRUSTED LOCAL NETWORK
	|	|	|	|	|
176.17.17.100	.... 176.17.17.200 (linux, win.95, win.98, win.2000, win.2003)

My linux server is gateway to Internet and defaultroute for all clients.
I want to create secure IPSEC connection from any client to server in
same subnet. In other words if client wants to connect to other client
he connects directly, but if he want to connect to server or to any internet IP
connection becomes encrypted to protect user's traffic from sniffing.

So I want something like (on client side):
	if ( destination_IP == 176.17.17.1 ) encrypt_connection();

I don't want to assign 2 different IP to each my client. I want to use X.509 certificates
to authenticate my clients.

So, my questions:

1. Can I do this?
2. Can I do this with openswan? Where I can read how to setup it for my case?
3. Which client I should install for my windows clients? Can I do this with MSL2TP ?

Victor.

-- 
I World War (1914-1918)... II World War (1939-1945)... Windows (95-2000)...
Don't allow new tragedy. Live in Peace! Be happy with LiNUX!


More information about the Users mailing list