[Openswan Users] A quick question

Charles Tompkins crt at thig.com
Fri Jun 2 11:31:26 CEST 2006


I am attempting something different by routing part of my public block to my
internal network (through a firewall) and pooling out addresses from the
remainder of that block as the internal addresses are resolvable from the
gateway.  I am trying to do this with one interface to keep it simple in
terms of routing.  Is this setup feasible?  Note, I am also wrangling with
l2tpns to do this and have not had any success thus far.  Is anybody using
l2tpns with Openswan?  If so, could you share some configuration
information?
Regards,
-Charles

________________________________________
From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
Behalf Of ihsanturkmen at hedefalliance.com.tr
Sent: Friday, June 02, 2006 10:12 AM
To: Can Akalin
Cc: users-bounces at openswan.org; users at openswan.org
Subject: Re: [Openswan Users] A quick question


Hi,
There are two VPN types. One is transport mode (host-to-host) and the other
is tunnel mode (network-to-network). If you want to make a
network-to-network VPN, you need two network interfaces on each side,
one for the external network and the other for the internal network. The
interfaces do not have to be Ethernet; any other type of interface is
welcome. You don't have to have a public IP address either. It is not a must.

If you need to make a host-to-host VPN, you don't need two network
interfaces. 


İhsan Türkmen
Hedef Alliance Holding A.Ş.
Bilgi Sistemleri Direktörlüğü

Namık Kemal Cad. Göztepe Mah.
Karanfil Sok. No: 62
34550 Bağcılar / İstanbul/TR
Tel : +90 (212) 445 50 95
Fax: +90 (212) 445 97 54


"Can Akalin" <canakalin77 at gmail.com>
Sent by: users-bounces at openswan.org
02.06.2006 17:01
To: users at openswan.org
Subject: [Openswan Users] A quick question

Hello everyone,

I was reading a book called "Network Administrators Survival Guide" by Cisco
Press. In the chapter "Linux based VPN", it says that the Linux machine that
holds the Openswan VPN server should have 2 Ethernet NIC cards: one for the
publicly routed IP address and one for the private network. Is this correct?

I have a computer in my private network and it has one NIC card. This
machine is a Linux machine, behind a firewall router and has Openswan 2.4.5.
So, can't I use this Linux machine as a VPN Server?

One other question: when I make a host-to-server connection remotely, what
IP address will the remote host take? Is there supposed to be a DHCP server
in the private network where the Openswan server resides, or perhaps on the
machine that holds the Openswan VPN server?

Thank you.

-- 
Can Akalin