[Openswan Users] Can OpenSWAN replace OpenVPN?

geert geurts geert at verweggistan.eu
Thu Jul 19 07:21:23 EDT 2012


Ghe!! :D just heard the PLING of my phone of an incomming email when I
pushed the send button...
Pretty much the same email...

:D

On Thu, Jul 19, 2012 at 1:17 PM, Alex Crow <acrow at integrafin.co.uk> wrote:

> Dear Sandra,
>
> To provide a private IP to the phones, you will probably need to use
> IPSEC+L2TP - which most phones will support. I personally use Openswan with
> xl2tpd.
>
> Good starting points here:
>
> http://www.jacco2.dds.nl/**networking/openswan-l2tp.html<http://www.jacco2.dds.nl/networking/openswan-l2tp.html>
>
> Cheers
>
> Alex
>
>
> On 19/07/12 11:59, Sandra Schlichting wrote:
>
>> Dear readers,
>>
>> I have a working OpenVPN setup right now, where users can connect the
>> the private network at home with their computers.
>>
>> However most phones only support IPSec, so I would like to offer the
>> same service for phones with IPSec as I do for computers with OpenVPN.
>>
>> Problem
>>
>> I can't find any tutorials that describes how to configure OpenSWAN to
>> offer a private IP to the client.
>>
>> With my OpenVPN, clients have to provide a key and passphrase to get
>> access. On Android/iPhone I suppose a key is not possible, so it would
>> be fine with only a passphrase.
>>
>> Question
>>
>> Can OpenSWAN be configured to give a private IP to the clients,
>> similar to my OpenVPN setup?
>>
>> OpenVPN config
>>
>> port 1194
>> proto udp
>> dev tun
>> ca /etc/openvpn/easy-rsa/2.0/**keys/ca.crt
>> cert /etc/openvpn/secrets/server.**crt
>> key /etc/openvpn/secrets/server.**key
>> dh /etc/openvpn/secrets/dh1024.**pem
>> server 192.168.240.0 255.255.255.0
>> ifconfig-pool-persist ipp.txt
>> push "route 10.10.64.0  255.255.252.0"
>> push "dhcp-option DNS xxx.xxx.xxx.xxx"
>> duplicate-cn
>> keepalive 10 120
>> comp-lzo
>> user openvpn
>> group openvpn
>> persist-key
>> persist-tun
>> status /var/log/openvpn-status.log
>> log-append  /var/log/openvpn.log
>> verb 4
>> mute 20
>> plugin /usr/lib64/openvpn/plugin/lib/**openvpn-auth-ldap.so
>> "/etc/openvpn/auth/ldap.conf"
>> script-security 2
>> auth-user-pass-verify /etc/openvpn/scripts/check_cn_**on_connect.sh
>> via-env
>> learn-address /etc/openvpn/scripts/log_**clients_ip.sh
>>
>> Hugs,
>> Sandra
>> ______________________________**_________________
>> Users at lists.openswan.org
>> https://lists.openswan.org/**mailman/listinfo/users<https://lists.openswan.org/mailman/listinfo/users>
>> Micropayments: https://flattr.com/thing/**38387/IPsec-for-Linux-made-**
>> easy <https://flattr.com/thing/38387/IPsec-for-Linux-made-easy>
>> Building and Integrating Virtual Private Networks with Openswan:
>> http://www.amazon.com/gp/**product/1904811256/104-**
>> 3099591-2946327?n=283155<http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155>
>>
>>
>
> --
> This message is intended only for the addressee and may contain
> confidential information.  Unless you are that person, you may not
> disclose its contents or use it in any way and are requested to delete
> the message along with any attachments and notify us immediately.
>
> "Transact" is operated by Integrated Financial Arrangements plc
> Domain House, 5-7 Singer Street, London  EC2A 4BQ
> Tel: (020) 7608 4900 Fax: (020) 7608 5300
> (Registered office: as above; Registered in England and Wales under
> number: 3727592)
> Authorised and regulated by the Financial Services Authority (entered on
> the FSA Register; number: 190856)
>
>
> ______________________________**_________________
> Users at lists.openswan.org
> https://lists.openswan.org/**mailman/listinfo/users<https://lists.openswan.org/mailman/listinfo/users>
> Micropayments: https://flattr.com/thing/**38387/IPsec-for-Linux-made-**
> easy <https://flattr.com/thing/38387/IPsec-for-Linux-made-easy>
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/**product/1904811256/104-**
> 3099591-2946327?n=283155<http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20120719/b168a4dc/attachment.html>


More information about the Users mailing list