[Openswan Users] road warrior set up with openswan

Erich Titl erich.titl at think.ch
Fri Jan 14 05:13:49 EST 2011


Hi Folks

I guess this has been one of the hottest topics in the past, and (maybe
unfortunately) I avoided it at all cost.

I am running a rather antiquated OpenSwan installation with
subnet_to_subnet tunnels and am forced to look at a roadwarrior set up
for a number of iPhones.

I would like to avoid having to use l2tp at all cost or at least
delegate it to the M$ guys. So basically what I would like to do is

- build a certificate based tunnel between the iPhone and the ipsec
gateway at our premises.
- forward the l2tp traffic to some M$ infrastructure to handle that part
of the equation.

I have tried to find adequate information on the net, but nowhere a
halfways decent description of the necessary paremeters in ipsec.conf. I
tried to find manual pages in the doc directory in the source but
unfortunately they were either empty or not existing and the pages to be
found on the net are not really explanatory.

The mystery primarily rotates around the following parameter

rightsubnet: not easily to be known, I found

rightsubnet=vhost:%priv,%no but unfortunately was not able to discern
the meaning of those parameters.

Can someone point me to a public documentation which details this.

Thanks

Erich





More information about the Users mailing list