[Openswan Users] L2TP/IPsec VPN server with Windows 2000/XP

Jacco de Leeuw jacco2 at dds.nl
Thu Feb 10 19:37:32 CET 2005


Daniel Fitzner wrote:

> I used following document:
> http://www.jacco2.dds.nl/networking/freeswan-l2tp.html.
> If I use PSK then everything works fine,
> 
> But now I want to use x509 certificates.
> For this I used the document:
> http://www.natecarlson.com/linux/ipsec-x509.php.

I think you misunderstand: with L2TP/IPsec you can use both PSKs
and certificates. You do not have to use 'plain' IPsec with
certificates.

Nate Carlson has a separate page about L2TP/IPsec with certs:
http://www.natecarlson.com/linux/ipsec-l2tp.php

> ipsec.conf at xp-client for Marcus Müller's ipsec.exe utility
> conn L2TP-PSK-orgWIN2KXP
> 	left=%any
> 	right=192.168.1.1
> 	rightca="C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca"
> 	network=auto
> 	auto=start
> 	pfs=no

This is a configuration for plain IPsec. If you use L2TP/IPsec
you don't have to install and configure the ipsec.exe utility.
That is the whole point of L2TP/IPsec.

If you don't mind using Marcus Müller's ipsec.exe utility this has
the advantage that you do not have to use an L2TP server.

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list