[Openswan Users] Openswan (on 2.6) as an DHCP-over-IPSec client
H. Peter Anvin
hpa at zytor.com
Tue Feb 8 22:49:31 CET 2005
Paul Wouters wrote:
> On Tue, 8 Feb 2005, H. Peter Anvin wrote:
>
>> Anyone happens to know how to configure OpenSWAN as an DHCP-over-IPSec
>> *client*? There are numerous discussions in the archives and there is a
>> HOWTO about using it as a server with SSH Sentinel clients on Windows
>> hosts, but I'd like to use it with Linux 2.6 clients, preferrably
>> running OpenSWAN (since I've had otherwise very good experience with
>> OpenSWAN.)
>
>
> AFAIK, no one has done this. The dhcp-over-ipsec was only implemented
> by Microsoft and SSH, and they were not compatible with each other.
> Openswan-2.3.0 has XAUTH and ModeConfig support though, which should
> be able to offer you the same functionality. But it's very new and
> likely not complete yet.
>
> Ofcourse, IKEv2 should make all of this stuff obsolete too, but that's
> not going to happen anytime soon.
>
I hope whatever they do will be DHCP-compatible; I always thought it was
a big mess to have a completely different configuration mechanism for PPP.
> I guess with some creative _updown scripting, it should be possible.
I'll play with it and see what can be done.
-hpa
More information about the Users
mailing list