[Openswan Users] Openswan -> Checkpoint VPN-1: Is there any chance of this working?

Clark Case clarkcase at gmail.com
Tue Mar 1 21:11:08 EST 2011

Paul - Thanks for that pointer. When I was poking around at the Windows
client, I discovered that challenge / response was another option that I
could make work, and it looks as if this patch supports that mode.

I'm guessing that I will have more questions, but for now, I just need to
get that patch compiled in.


On Tue, Mar 1, 2011 at 8:18 PM, Paul Wouters <paul at xelerance.com> wrote:

> On Mon, 28 Feb 2011, Clark Case wrote:
>  My apologies in advance if I say anything stupid below. It is only out of
>> complete ignorance.
>> I was lucky enough to receive one of the Google CR 48 netbooks, and I'm
>> trying to figure out how to connect
>> to my work VPN, CheckPoint VPN-1. Someone who makes images for these
>> netbooks built one with Openswan (see
>> duh.org) (really, that is his url). Before endeavoring to configure
>> Openswan, I'm hoping to get an opinion on
>> whether it is possible to make the connection or not.
>> Here's what I know: I connect to the VPN in Windows using SecureClient. In
>> the connection dialog, there is my
>> user name, a set, unchanging "Token Number" that I can not change, and a
>> field where I enter my PIN each time
>> I connect. When I go to Options -> Change Authentication, I can see that I
>> currently am using SercureID with
>> a soft token.
>> I reading through the archive, I think I read that connecting using
>> SecureID with OpenSwan just ain't gonna
>> work. Or did I read incorrectly?
> There is support for "hybrid mode", see
> contrib/checkpoint-hybrid/openswan-2.6.25-SecureClient.diff
> I don't see an option to pass the secureid token though, so you might need
> to extend that patch.
> Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110301/2e2ea98c/attachment.html 

More information about the Users mailing list