[Openswan Users] L2TP/IPsec VPN server with Windows 2000/XP
Jacco de Leeuw
jacco2 at dds.nl
Thu Feb 10 19:37:32 CET 2005
Daniel Fitzner wrote:
> I used following document:
> http://www.jacco2.dds.nl/networking/freeswan-l2tp.html.
> If I use PSK then everything works fine,
>
> But now I want to use x509 certificates.
> For this I used the document:
> http://www.natecarlson.com/linux/ipsec-x509.php.
I think you misunderstand: with L2TP/IPsec you can use both PSKs
and certificates. You do not have to use 'plain' IPsec with
certificates.
Nate Carlson has a separate page about L2TP/IPsec with certs:
http://www.natecarlson.com/linux/ipsec-l2tp.php
> ipsec.conf at xp-client for Marcus Müller's ipsec.exe utility
> conn L2TP-PSK-orgWIN2KXP
> left=%any
> right=192.168.1.1
> rightca="C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca"
> network=auto
> auto=start
> pfs=no
This is a configuration for plain IPsec. If you use L2TP/IPsec
you don't have to install and configure the ipsec.exe utility.
That is the whole point of L2TP/IPsec.
If you don't mind using Marcus Müller's ipsec.exe utility this has
the advantage that you do not have to use an L2TP server.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list