[Openswan Users] Can OpenSWAN replace OpenVPN?
geert at verweggistan.eu
Thu Jul 19 07:21:23 EDT 2012
Ghe!! :D just heard the PLING of my phone of an incomming email when I
pushed the send button...
Pretty much the same email...
On Thu, Jul 19, 2012 at 1:17 PM, Alex Crow <acrow at integrafin.co.uk> wrote:
> Dear Sandra,
> To provide a private IP to the phones, you will probably need to use
> IPSEC+L2TP - which most phones will support. I personally use Openswan with
> Good starting points here:
> On 19/07/12 11:59, Sandra Schlichting wrote:
>> Dear readers,
>> I have a working OpenVPN setup right now, where users can connect the
>> the private network at home with their computers.
>> However most phones only support IPSec, so I would like to offer the
>> same service for phones with IPSec as I do for computers with OpenVPN.
>> I can't find any tutorials that describes how to configure OpenSWAN to
>> offer a private IP to the client.
>> With my OpenVPN, clients have to provide a key and passphrase to get
>> access. On Android/iPhone I suppose a key is not possible, so it would
>> be fine with only a passphrase.
>> Can OpenSWAN be configured to give a private IP to the clients,
>> similar to my OpenVPN setup?
>> OpenVPN config
>> port 1194
>> proto udp
>> dev tun
>> ca /etc/openvpn/easy-rsa/2.0/**keys/ca.crt
>> cert /etc/openvpn/secrets/server.**crt
>> key /etc/openvpn/secrets/server.**key
>> dh /etc/openvpn/secrets/dh1024.**pem
>> server 192.168.240.0 255.255.255.0
>> ifconfig-pool-persist ipp.txt
>> push "route 10.10.64.0 255.255.252.0"
>> push "dhcp-option DNS xxx.xxx.xxx.xxx"
>> keepalive 10 120
>> user openvpn
>> group openvpn
>> status /var/log/openvpn-status.log
>> log-append /var/log/openvpn.log
>> verb 4
>> mute 20
>> plugin /usr/lib64/openvpn/plugin/lib/**openvpn-auth-ldap.so
>> script-security 2
>> auth-user-pass-verify /etc/openvpn/scripts/check_cn_**on_connect.sh
>> learn-address /etc/openvpn/scripts/log_**clients_ip.sh
>> Users at lists.openswan.org
>> Micropayments: https://flattr.com/thing/**38387/IPsec-for-Linux-made-**
>> easy <https://flattr.com/thing/38387/IPsec-for-Linux-made-easy>
>> Building and Integrating Virtual Private Networks with Openswan:
> This message is intended only for the addressee and may contain
> confidential information. Unless you are that person, you may not
> disclose its contents or use it in any way and are requested to delete
> the message along with any attachments and notify us immediately.
> "Transact" is operated by Integrated Financial Arrangements plc
> Domain House, 5-7 Singer Street, London EC2A 4BQ
> Tel: (020) 7608 4900 Fax: (020) 7608 5300
> (Registered office: as above; Registered in England and Wales under
> number: 3727592)
> Authorised and regulated by the Financial Services Authority (entered on
> the FSA Register; number: 190856)
> Users at lists.openswan.org
> Micropayments: https://flattr.com/thing/**38387/IPsec-for-Linux-made-**
> easy <https://flattr.com/thing/38387/IPsec-for-Linux-made-easy>
> Building and Integrating Virtual Private Networks with Openswan:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users