[Openswan Users] Identifying different client groups
Richard Hall
r.j.hall at rhul.ac.uk
Wed Mar 9 12:05:46 CET 2005
We have two internal networks behind an iptables firewall/vpn, Net1 and
Net2. I would like to have two classes of users, Class1 and Class2. We
also have an already established CA.
I would like to be able to give Class1 users access to Net1 and Class2
users access to both Net1 and Net2. Assuming all certificates will be
within our current CA, how can I configure Openswan to allow this?
Currently I have just Class1 users connecting to Net1 using the
natecarleson guide, but I am unsure as to how I can identify the Class2
users to have access to Net2 without the Class1 users' certificate giving
them access as well. Is there some way of generating two branches in
the certificate tree, one branch for each class, all under the same root?
Thanks
Rich