[Openswan Users] [OT] Securing WLAN with Cisco PIX VPN

[Sven Schuster]

Hi everybody,

at first sorry for this slightly off topic posting. Yes, I do know
that this is about openswan, but as many knowledgable people are here
on this list, I thought I might give it a try... :-)
We have a customer who has a wireless lan at home. This network
consists of two notebooks (XP home edition) and a wireless access
point (WPA-PSK) with integrated dsl modem and 4 port switch. As this
customer had some trouble with hackers hacking into his network, we'd
now like to additionally secure the traffic from the notebooks to
the internet with an ipsec tunnel to a cisco pix 501:

nb1 ----------- (wlan ap) ------------ pix ----- internet
nb2 ------------|

Now not the access point establishes the connection to the internet,
but the cisco pix. So what we'd like to have is one tunnel between
nb1 and pix, and another tunnel between nb2 and pix, which will carry
all traffic which goes to the internet. (next step would be to have an
ipsec tunnel between nb1 and nb2, but whether and how that's doable
is not the question at the moment).
We have the cisco vpn client available for doing the ipsec tunneling
at the windows xp side.

Has anybody of you done something like that?? If so, do you have any
pointers?? If not, can you recommend some hardware to do what I want?
(yes, if I could, I would take a look if I might do something with
linux + openswan...but unfortunately I can't, boss says 'cisco' :-/ )


Thanks in advance for your invaluable answers and recommendations!!

Sven


-- 
Linux zion 2.6.12-rc2-mm2 #1 PREEMPT Sat Apr 9 02:33:35 CEST 2005 i686 athlon i386 GNU/Linux
 21:30:00 up 2 days, 22:25,  1 user,  load average: 0.07, 0.12, 0.07