[Openswan Users] Setup Help Wanted...

Stef stef at ummon.com
Sat Dec 11 20:26:32 CET 2004

Hello Everyone,
	Okay, this is probably a 'hugely' (or frequently
at any rate ;) asked question but.. can anyone help with
the setup of openswan as a client ? The 'powers that be'
have requested everyone to use VPN (With X.509 certificate
of course).

	I have currently a setup like;

	Home Network	    Dual Homed Gateway
	192.168.2.x <--> [ ] <-> Internet

	And hopefully get something like this;

	Home Network	    Dual Homed Gateway
	192.168.2.x <--> [ ] <-> Internet
			 [] <-> remote gw <-> Network

	Its... proving to be a pain. I -thought- that I
had the config sorted, and then, of course, the decision
came from 'on high' that i needed to use X.509 certificate
rather than an RSA key. 

	Obviously, i would prefer all traffic from the home
network to still go out through the internet and -only- the
internet. Any login's on the gateway should be permitted
access to the remote network. The remote network should be
denied from seeing any machine -except- my gateway.

	I also have the certificate in an email, something
along the lines of the following...

  Type    Self-signed X.509 Certificate
  Version    V3

	can i jst simply put this into the /etc/ipsec.d/certs
directory or do i need something else ?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20041211/13c2d634/attachment.bin

More information about the Users mailing list