[Openswan Users] openswan instead of poptop

Nate Carlson natecars at natecarlson.com
Wed Sep 1 21:16:18 CEST 2004


On Wed, 1 Sep 2004, John H. wrote:
> Well, dan said I would have to possibly use a radius server if I wanted
> the windows clients to use their built in vpn clients?

No requirement for that - if you use roaring penguin's l2tp server and
don't want to assign static ip's, that may be a requirement, but not if
you use l2tpd.

> So what you are saying is if they use l2tp/ipsec, they won't even be
> using ppp?  As long as they can use built in winxp/win2k software, I can
> do the config myself.

l2tp does use ppp.

> I do like, though, for my clients(who are happy with pptp/poptop, but
> would like added security), the ease like the webmin interface offers,
> which lets you easily add new accounts.

if there is a webmin module for poptop, you may be able to extend it to
modify l2tp settings - they are rather similar. The one big difference is
that you'll need certificates for all of your VPN users (to get the IPSec
connection up), along with the username and password to authenticate via
l2tp.

Really, check out Jacco's site - it covers this in great detail.

------------------------------------------------------------------------
| nate carlson | natecars at natecarlson.com | http://www.natecarlson.com |
|       depriving some poor village of its idiot since 1981            |
------------------------------------------------------------------------


More information about the Users mailing list