[Openswan Users] Openswan (on 2.6) as an DHCP-over-IPSec client

Paul Wouters paul at xelerance.com
Wed Feb 9 02:23:40 CET 2005


On Tue, 8 Feb 2005, H. Peter Anvin wrote:

> Anyone happens to know how to configure OpenSWAN as an DHCP-over-IPSec
> *client*?  There are numerous discussions in the archives and there is a
> HOWTO about using it as a server with SSH Sentinel clients on Windows
> hosts, but I'd like to use it with Linux 2.6 clients, preferrably
> running OpenSWAN (since I've had otherwise very good experience with
> OpenSWAN.)

AFAIK, no one has done this. The dhcp-over-ipsec was only implemented
by Microsoft and SSH, and they were not compatible with each other.
Openswan-2.3.0 has XAUTH and ModeConfig support though, which should
be able to offer you the same functionality. But it's very new and
likely not complete yet.

Ofcourse, IKEv2 should make all of this stuff obsolete too, but that's
not going to happen anytime soon.

I guess with some creative _updown scripting, it should be possible.

Paul


More information about the Users mailing list