[Openswan Users] Windoze services over IPSEC

David Spear dspear at telus.net
Fri Jan 28 14:18:10 CET 2005


I have successfully set up IPSEC between my XP/2K clients and Openswan.
My setup looks like:

XP roadwarrior    Internet    NAT firewall    Openswan GW
207.x.x.x         x.x.x.x     209.x.x.x       192.168.1.101

I am using X.509 cert authorization and it works flawlessly.  I can ping
machines on the private subnet.  The NAT router does port forwarding of
IPSEC traffic to the openswan gateway.

I am not using l2tp (yet).  I am using Marcus Mueller's ipsec executable
to set up the tunnel.

Can someone enlighten me on what I need to do to browse the windows
network on my private net?  I tried setting up a WINS server on the
192.168.x.x. network in my dial-up connection properties, but that
doesn't seem to do it.  Nothing shows up in the Network Neighborhood.
Is there a way to specify on the roadwarrior box to route ALL traffic on
ports 135-139, etc. through the ipsec tunnel?  Is there a way to route
ALL traffic through the tunnel?  Is there any way that I can log on to a
windows domain through the tunnel?  I am leaning towards forwarding all
traffic through the tunnel due to security concerns... i.e. I don't want
a hacker who gets into my outside Win box while an ipsec tunnel is up to
have unrestricted access to my private nets.

Thanks

Dave



