[Openswan Users] (no subject)

volkan.goeksel at hsvv.hessen.de volkan.goeksel at hsvv.hessen.de
Tue Apr 15 08:55:41 EDT 2008

Dr. Michael Schwartzkopff wrote:

Perhaps you want to read:

But are you really sure you want this? Perhaps certificates are more easy 

Inside OpenSWAN there is NO way to authenticate or authorize clients on 
if the the tunnel is established between GW1 and GW2. How could this be 
You would have to authenticate users inside the tunnel i.e. by iptables or 

better to use a proxy system.

If you really waht to authenticate the use of the tunnel you would have to 

establish the tunnels from the clients to GW1.

Perphaps OpenVPN would fit your needs better?



thank you for your wonderful reply!

I think I will realize that with a proxy system... good idea.
May it be possible when I install squid on the GW1 to authenticate clients 
on LAN1? Or do the proxy server have to be installed on GW2?
I want to add some VPN-Gateways soon and don't want to configure a proxy 
server on every VPN-Gateway.

I want to use a site-to-site VPN with IPsec, thats why I can't configure 
road warriors and use OpenVPN.

Thank you again 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080415/7507ab2e/attachment.html 

More information about the Users mailing list