[Openswan Users] Openswan + Virtual IP Address howto
Paul Wouters
paul at xelerance.com
Tue Nov 1 18:10:51 CET 2005
On Tue, 1 Nov 2005, Matt Schwartz wrote:
> I need to create a setup using Virtual IP addresses, Openswan, and possibly
> pre-shared keys for our road warriors. I want to assign a pre-shared key to
> each Virtual IP in ipsec.conf.
Use L2TP. See: http://www.jacco2.dds.nl/networking/freeswan-l2tp.html
> I would rather not have to deal with RSA Authentication.
Using preshared keys with dynamic IP addresses, some of which will be behind
NAT is a recipe for disaster and much hair pulling. You're much better of
using X.509 certificates.
Paul
More information about the Users
mailing list