[Openswan Users] (no subject)
volkan.goeksel at hsvv.hessen.de
Tue Apr 15 08:55:41 EDT 2008
Dr. Michael Schwartzkopff wrote:
Hi,
Perhaps you want to read:
http://www.openswan.org/docs/local/README.XAUTHclient
and
http://www.openswan.org/docs/local/README.XAUTH
But are you really sure you want this? Perhaps certificates are easier to use?
Inside OpenSWAN there is NO way to authenticate or authorize clients on LAN1
if the tunnel is established between GW1 and GW2. How could this be done?
You would have to authenticate users inside the tunnel i.e. by iptables or
better to use a proxy system.
If you really want to authenticate the use of the tunnel you would have to
establish the tunnels from the clients to GW1.
Perhaps OpenVPN would fit your needs better?
Greetings,
------------------------------------------------------------------------------------------
Hi,
thank you for your wonderful reply!
I think I will realize that with a proxy system... good idea.
May it be possible when I install squid on the GW1 to authenticate clients
on LAN1? Or does the proxy server have to be installed on GW2?
I want to add some VPN-Gateways soon and don't want to configure a proxy
server on every VPN-Gateway.
I want to use a site-to-site VPN with IPsec, that's why I can't configure
road warriors and use OpenVPN.
Thank you again