[Openswan Users] VPN server over windows XP

Paul Wouters paul at xelerance.com
Thu Sep 15 01:26:29 CEST 2005 

On Wed, 14 Sep 2005, Alaa Dalghan wrote:

> 1- I need to set the vpn server on windows XP (not windows 2000 server, nor 
> 2003, nor ISA server, etc.)

What is the motivation for this? It seems like a rather unwise restriction.

> The first problem I faced is that windows xp does not support ipsec tunnel 
> mode between 2 xp machines. It only supports transport mode which is not what 
> I want.
> To overcome this lack of IP tunneling I tried to use the built-in tunneling 
> capabilities such as PPTP and L2TP/ipsec, and it worked.

AFAIK, using L2TP/ipsec will still use transport mode, not tunnel mode.

> is that a windows xp can not accept more than ONE SINGLE incoming connection 
> at a time, and I need multiple connections.

See my first comment.

> I think the solution could be one of the following:
>
> 1-Installing a third party FREE vpn server (or L2TP server) on windows XP. If 
> you know one please tell me.

You seem to be asking for a lot. I do not know of any.

> 2-Importing some features from windows 2000 server or 2003 server (some 
> executables or services or plugins that enable xp to run as a vpn server and 
> accept multiple connections). If you know what to import please tell me.

This is clearly a bogus way around the "Thou shallt use Windows XP", and in
the unlikely event that you would get it working, would likely break at the
first automatic update received. It is a completely unsupportable, unsustainable
solution.

> 3- Installing a pure IP tunneling solution on windows xp so that it can be 
> combined with ipsec encryption to yield tunnel mode encryption.

Again, I only know of IPsec clients. Some of these can do multiple connections
fine (eg safenet, greenbow, etc etc). they are not free.

Seriously, your problem seems to be a management or political problem, and not
a technical problem. And if you want to escape out on a technicality, install
VMware on Windows, and install Linux within the VMware to run Openswan. You
will have implemented a "Windows based VPN server". You will also surely lose
your head at the first glitch.

Paul

More information about the Users mailing list