[Openswan Users] Can OpenSWAN replace OpenVPN?
geert at verweggistan.eu
Thu Jul 19 07:19:54 EDT 2012
I think we pretty much have the same rerequirements and reasons to look
I also had a openvpn and currently have an ipsec vpn for my phone.
What you need is an l2tp tunnel over ipsec.
You first create a secure connection over ipsec, after that you build a
tunnel over this secure connection.
There are loads of howto's on the net.
The l2tp can be configured to advertise ip adresses to clients.
A good website to find information is th following:
On Thu, Jul 19, 2012 at 12:59 PM, Sandra Schlichting <
littlesandra88 at gmail.com> wrote:
> Dear readers,
> I have a working OpenVPN setup right now, where users can connect the
> the private network at home with their computers.
> However most phones only support IPSec, so I would like to offer the
> same service for phones with IPSec as I do for computers with OpenVPN.
> I can't find any tutorials that describes how to configure OpenSWAN to
> offer a private IP to the client.
> With my OpenVPN, clients have to provide a key and passphrase to get
> access. On Android/iPhone I suppose a key is not possible, so it would
> be fine with only a passphrase.
> Can OpenSWAN be configured to give a private IP to the clients,
> similar to my OpenVPN setup?
> OpenVPN config
> port 1194
> proto udp
> dev tun
> ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
> cert /etc/openvpn/secrets/server.crt
> key /etc/openvpn/secrets/server.key
> dh /etc/openvpn/secrets/dh1024.pem
> server 192.168.240.0 255.255.255.0
> ifconfig-pool-persist ipp.txt
> push "route 10.10.64.0 255.255.252.0"
> push "dhcp-option DNS xxx.xxx.xxx.xxx"
> keepalive 10 120
> user openvpn
> group openvpn
> status /var/log/openvpn-status.log
> log-append /var/log/openvpn.log
> verb 4
> mute 20
> plugin /usr/lib64/openvpn/plugin/lib/openvpn-auth-ldap.so
> script-security 2
> auth-user-pass-verify /etc/openvpn/scripts/check_cn_on_connect.sh via-env
> learn-address /etc/openvpn/scripts/log_clients_ip.sh
> Users at lists.openswan.org
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users