[Openswan Users] Basic Openswan question

Ladi mafja at yahoo.com
Tue Nov 28 20:44:14 EST 2006 

Hi Paul,

I'm new to IPSec and it's true, i'm a bit confused. I know that IPSec operates on two modes, tunnel and transport mode. 

I managed to secure the connection to the terminal server in WinXP -> Win 2k3 server and i didn't have to specify a VPN. In the win2k3 server machine i configure the IPSec policy to receive only IPSec traffic (using certificates) on the TCP port 3389 (for terminal server) for all the connections. And from the client side (Win XP) i specify to use IPSec with certificate for all the traffic going out to TCP 3389. In this way someone can connect to the terminal server from any place and still can connect as far as (s)he has the right certificates. To be honest with you i don't know which mode this is (sorry for my ignorance).

The problem is that this i have to do from linux thin clients as well, and that's why i wanted to use Openswan. But from whatever i red is that there should be two gateways (A and B) connected with the VPN... 

Thanks a lot and sorry for the trouble
,Ladi
 

---------------------

If you can't be a highway, be a trail. If you can't be the sun, be a star. It is not by size, that you win or fail. Be the best of what you are!

----- Original Message ----
From: Paul Wouters <paul at xelerance.com>
To: Ladi <mafja at yahoo.com>
Cc: users at openswan.org
Sent: Tuesday, November 28, 2006 11:31:16 PM
Subject: Re: [Openswan Users] Basic Openswan question

On Mon, 27 Nov 2006, Ladi wrote:

>
> When implementing IPSec in windows you can choose if you want to create a VPN or not. This doesn't seem to be the case with Openswan. I hope it will be implemented in the future.

I have no idea what you mean? IPsec comes in various modes, the most
obvious two being Transport Mode and Tunnel Mode.  VPN's use Tunnel Mode,
while L2TP/IPsec uses Transport Mode. Perhaps you are referring to this?
Openswan supports both.

If you are referring to non-ipsec connections, you would mean PPTP, which
is implemented in different software on linux, called pptp-linux.

Paul





 
____________________________________________________________________________________
Yahoo! Music Unlimited
Access over 1 million songs.
http://music.yahoo.com/unlimited

More information about the Users mailing list