[Openswan Users] Windoze services over IPSEC
Paul Wouters
paul at xelerance.com
Sat Jan 29 17:31:01 CET 2005
On Fri, 28 Jan 2005, David Spear wrote:

> Can someone enlighten me on what I need to do to browse the windows
> network on my private net? I tried setting up a WINS server on the
> 192.168.x.x. network in my dial-up connection properties, but that
> doesn't seem to do it. Nothing shows up in the Network Neighborhood.

You cannot just use WINS for your dial-up. WINS is a registration service,
so you need to configure everything in your network to use WINS, or they
have a big chance of not appearing in your WINS server at all.

> Is there a way to specify on the roadwarrior box to route ALL traffic on
> ports 135-139, etc. through the ipsec tunnel? Is there a way to route

Yes, you can specify this with port selectors. But I am not sure if this
buys you much.

> ALL traffic through the tunnel?

Yes, just make the subnet on openswan to be 0.0.0.0/0 and the local subnet
on the ipsec.conf on the windows machine "*".

> Is there any way that I can log on to a
> windows domain through the tunnel? I am leaning towards forwarding all
> traffic through the tunnel due to security concerns... i.e. I don't want
> a hacker who gets into my outside Win box while an ipsec tunnel is up to
> have unrestricted access to my private nets.

You might want to look into L2TP then....

Paul
--
"At best it is a theory, at worst a fantasy" -- Michael Crichton