[Openswan Users] Basic question: should I use Openswan?

Roman Dergam lists at intu.cz
Thu Jan 12 16:47:27 CET 2006 

Dne čtvrtek 12 leden 2006 16:16 Andy napsal(a):
> On Thu, 2006-01-12 at 00:15 +0100, Roman Dergam wrote:
> > Hello,
> >
> > I apologise for the lack of knowledge related to Openswan - I started and
> > installed today. I would like to use a secure connection between a laptop
> > (which seems to be called "Road Warrior" here) and a server (with no
> > network behind it; just a server to administer). The reason I started to
> > look for a more complex solution
>
> more complex than what?
>
> > is that the laptop has no static public IP. And on top
> > of that it can connect from various places - with one or two machines
> > before the public internet.
> >
> > My questions are (and thanks to anybody for any advice):
> >
> > Is Openswan the right solution to use for such a situation?
>
> Actually, probably not. Openswan will certainly work, but is perhaps
> overkill in this case. Sounds to me like you can do what you need with
> ssh. Did you consider that? If so, why did you reject it?
>

Thanks for you reply.

I did consider SSH. I did not find (except one obscure and discontinued 
project) any way of telling to iptables: accept connections to SSH (and other 
ports) from my laptop ONLY irregardless of its changing IP address and drop 
all other attempts. Which is what I need. Keeping the port open to the world 
seems bad to me. 

I did have a feeling that Openswan might be an overkill, that's why I thought 
I better ask.

Roman


> > If not, what other solutions could you recommend? (I looked at racoon -
> > equally puzzling)
> >
> > Is it possible to configure Openswan in such a way that is connects my
> > two machines regardless of whether there is a router+modem or whatever
> > gateway configuration between it and the server (which has a public IP) 
> > - or not?
> >
> > Thanks
> >
> > Roman Dergam
> > _______________________________________________
> > Users mailing list
> > Users at openswan.org
> > http://lists.openswan.org/mailman/listinfo/users

More information about the Users mailing list