[Openswan Users] Ipsec VPN from windows machines

Paul Wouters paul at xelerance.com
Wed Apr 2 14:59:00 EDT 2008 

On Wed, 2 Apr 2008, Agent Smith wrote:

> Well if PSKs are not supported in this config, we
> can't do this because using certs means probably
> importing them into user store and not computer store

No, they need to go in the computer store.

> if the intent is to use windows native IPSEC and use
> transport mode and not use l2tp/ipsec.

Windows only uses transport mode in combination with l2tp.

> is this an openswan limitation or just the way things
> work?

It's a microsoft limitation.

Paul

> --- Agent Smith <news8080 at yahoo.com> wrote:
>
> >
> > I have more or less the same config except that I
> > plan
> > to use PSKs and its not working. I use openswan
> > 2.4.12
> > on fedora 7 kernel 2.6.23.
> >
> > I'll give certificates a shot, what openswan version
> > are you using on what linux?
> >
> > --- Marco Berizzi <pupilla at hotmail.com> wrote:
> >
> > > Agent Smith wrote:
> > >
> > > > care to post your ipsec.conf Marco?
> > >
> > > ahh very simple:
> > >
> > > conn rw
> > >     right=%any
> > >     audo=add
> > >     pfs=yes
> > >     compress=yes
> > >     leftcert=blablabla.pem
> > >     leftupdown=blablabla
> > >     rightsubnet=vhost:%no,%priv
> > >
> > >
> > >
> >
> >
> >
> >
> >
> ____________________________________________________________________________________
> > You rock. That's why Blockbuster's offering you one
> > month of Blockbuster Total Access, No Cost.
> > http://tc.deals.yahoo.com/tc/blockbuster/text5.com
> > _______________________________________________
> > Users at openswan.org
> > http://lists.openswan.org/mailman/listinfo/users
> > Building and Integrating Virtual Private Networks
> > with Openswan:
> >
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> >
>
>
>
>       ____________________________________________________________________________________
> You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost.
> http://tc.deals.yahoo.com/tc/blockbuster/text5.com
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>

-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

More information about the Users mailing list