[Openswan Users] Antw: Re: Plain IPSec tunnel / NAT-T with Vista

Uwe Knop Uwe.Knop at lds.brandenburg.de
Tue Nov 11 10:21:10 EST 2008


Hi,
 
unfortunately with DOS commands
 
preperation:
                       netsh advfirewall set global mainmode
mmsecmethods dhgroup14:aes256-sha1,aes128-sha1,3des-sha1
 
delete old Policy:
                        netsh advfirewall consec del rule
name="StrongSwan"
 
create new Policy (with pfs=yes"):
                         netsh advfirewall consec add rule
name="StrongSwan" enable=yes mode=tunnel
localtunnelendpoint=192.168.100.10 remotetunnelendpoint=192.168.100.1
endpoint1=192.168.100.10 endpoint2=10.0.0.0/8 action=requireinrequireout
qmsecmethods=esp:sha1-aes256,esp:sha1-aes128,esp:sha1-3des
auth1=computercert auth1ca="C=DE, O=...,OU=..." qmpfs=mainmode
 
bye
UK
 
 
>>> 

Von: Marek Greško <gresko at thr.sk>
An:<users at openswan.org>
Datum:11.11.08 12:50
Betreff:Re: [Openswan Users] Plain IPSec tunnel / NAT-T with Vista
Dna Št 6. november 2008 Beschorner Daniel napísal:
> For all of you who are interested:
>
> http://support.microsoft.com/kb/957624 
>
> With this hotfix (free for download) Vista SP1 now plays with IPSEC
> tunnels behind NAT as a client.
> This never worked until now
(http://support.microsoft.com/kb/944335).
> Of course they didn't release it without still emphasizing that it
is
> evil...
>
> However, I've just tested it, it works now.
>

Good news. But what userspace applications should be used? I cannot
find 
ipseccmd.exe for Vista. So the ipsec.exe fails.

Thank you.

Marek
_______________________________________________
Users at openswan.org 
http://lists.openswan.org/mailman/listinfo/users 
Building and Integrating Virtual Private Networks with Openswan: 
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155



>>> 
Von: Marek Greško <gresko at thr.sk>
An:<users at openswan.org>
Datum:11.11.08 12:50
Betreff:Re: [Openswan Users] Plain IPSec tunnel / NAT-T with Vista
D*a Št 6. november 2008 Beschorner Daniel napísal:
> For all of you who are interested:
>
> http://support.microsoft.com/kb/957624 
>
> With this hotfix (free for download) Vista SP1 now plays with IPSEC
> tunnels behind NAT as a client.
> This never worked until now
(http://support.microsoft.com/kb/944335).
> Of course they didn't release it without still emphasizing that it
is
> evil...
>
> However, I've just tested it, it works now.
>

Good news. But what userspace applications should be used? I cannot
find 
ipseccmd.exe for Vista. So the ipsec.exe fails.

Thank you.

Marek
_______________________________________________
Users at openswan.org 
http://lists.openswan.org/mailman/listinfo/users 
Building and Integrating Virtual Private Networks with Openswan: 
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20081111/fdfadc37/attachment.html 


More information about the Users mailing list