[Openswan Users] Windoze services over IPSEC

David Spear dspear at telus.net
Fri Jan 28 14:18:10 CET 2005

I have successfully set up IPSEC between my XP/2K clients and Openswan.
My setup looks like:

XP roadwarrior		Internet		NAT firewall	Openswan
207.x.x.x			x.x.x.x		209.x.x.x

I am using X.509 cert authorization and it works flawlessly.  I can ping
machines on the private subnet.  The NAT router does port forwarding of
IPSEC traffic to the openswan gateway.

I am not using l2tp (yet).  I am using Marcus Mueller's ipsec executable
to set up the tunnel.

Can someone enlighten me on what I need to do to browse the windows
network on my private net?  I tried setting up a WINS server on the
192.168.x.x. network in my dial-up connection properties, but that
doesn't seem to do it.  Nothing shows up in the Network Neighborhood.
Is there a way to specify on the roadwarrior box to route ALL traffic on
ports 135-139, etc. through the ipsec tunnel?  Is there a way to route
ALL traffic through the tunnel?  Is there any way that I can log on to a
windows domain through the tunnel?  I am leaning towards forwarding all
traffic through the tunnel due to security concerns... i.e. I don't want
a hacker who gets into my outside Win box while an ipsec tunnel is up to
have unrestricted access to my private nets.



More information about the Users mailing list