[Openswan Users] Am I thinking on the right lines here?

Andy Gay andy at andynet.net
Tue Jul 25 12:22:03 CEST 2006


You OK with this now? Do you still have questions?

-Andy

(John - sorry if you get this twice - I posted earlier from the wrong
email account...)

On Tue, 2006-07-25 at 10:58 +0100, John wrote:
> Andy Gay wrote:
> > On Mon, 2006-07-24 at 19:05 +0100, John wrote:
> >   
> >> I'm a little confused and hope the you will be able to allay my concerns.
> >>
> >> Workstation ---- SubNet 1 ------ Server =========== DSL router ------ 
> >> SubNet 2 ----- laptop
> >>     
> >
> > What OS's are running on these systems? Which systems are running
> > Openswan? Which version?
> >   
> (Workstation is on windoze XP)
> Server is running Openswan 2.4.4 on SuSE Linux 10.0 (Openswan installed 
> from the SuSE DVD)
> DSL Router is Netgear FVS318
> Laptop is on SuSE 10.1
> >> I have, at last, succeeded in getting a VPN (shown as ===== above) 
> >> between the two halves of my network. However, when I tried to open an 
> >> SSH terminal across this link (from laptop to server), I was surprised 
> >> to have to open the relevant port in the host's firewall.
> >>
> >> Is this normal as I thought that the VPN would tunnel traffic through 
> >> the firewall?
> >>     
> >
> > Certainly not. IPsec doesn't touch your firewall rules. (At least
> > Openswan doesn't. Cisco have an option on their PIX which will bypass
> > access lists for IPsec traffic. You can set Linux up to work similarly,
> > but that won't happen by default).
> >
> >   
> >> Also, should my laptop be able to recognise the server as a DNS server?
> >>     
> >
> > Sure. If your routing and firewall rules allow it.
> >
> >   
> >> Many thanks, in advance,
> >>
> >>     
> > BTW - you'll annoy the Openswan developers if you call their product
> > OpenS/WAN... :)
> >
> >   
> >> John
> >>
> >>
> >>
> >> _______________________________________________
> >> Users at openswan.org
> >> http://lists.openswan.org/mailman/listinfo/users
> >> Building and Integrating Virtual Private Networks with Openswan: 
> >> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> >>     
> >
> >
> > _______________________________________________
> > Users at openswan.org
> > http://lists.openswan.org/mailman/listinfo/users
> > Building and Integrating Virtual Private Networks with Openswan: 
> > http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> >   
> 
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155




More information about the Users mailing list