[Openswan Users] Windoze services over IPSEC

Paul Wouters paul at xelerance.com
Sat Jan 29 17:31:01 CET 2005

On Fri, 28 Jan 2005, David Spear wrote:

> Can someone enlighten me on what I need to do to browse the windows
> network on my private net?  I tried setting up a WINS server on the
> 192.168.x.x. network in my dial-up connection properties, but that
> doesn't seem to do it.  Nothing shows up in the Network Neighborhood.

You cannot just use WINS for your dailup. WINS is a registration service,
so you need to configure everything in your network to use WINS, or they
have a big chance of not appearing in your WINS server at all.

> Is there a way to specify on the roadwarrior box to route ALL traffic on
> ports 135-139, etc. through the ipsec tunnel?  Is there a way to route

Yes, you can specify this with port selectors. But I am not sure if this 
buys you much.

> ALL traffic through the tunnel?

Yes, just make the subnet on openswan to be and the local subnet
on the ipsec.conf on the windows machine "*".

>  Is there any way that I can log on to a
> windows domain through the tunnel?  I am leaning towards forwarding all
> traffic through the tunnel due to security concerns... i.e. I don't want
> a hacker who gets into my outside Win box while an ipsec tunnel is up to
> have unrestricted access to my private nets.

You might want to look into L2TP then....


"At best it is a theory, at worst a fantasy" -- Michael Crichton

More information about the Users mailing list