[Openswan Users] L2TP over IPsec Certificate/Smartcard Authentication

Sun Mar 31 09:15:27 UTC 2013

Hi Артём,

I think it is not possible with L2TP, as you need a link protocol within
IPsec to authenticate and give a virutal interface for the client. Both
Xauth and L2TP require that you enter a username and password. The only way
around this is to write a computer program that starts the windows
authentication process and enters the name and password for you.

Thats theoretical, but to show this in practice I have found something
online for you:

rasdial <vpn_name> <vpn_username> <vpn_password>

To disconnect:

rasdial <vpn_name> /d

Thus, in usable terms, your line would look like this:

System.Diagnostics.Process.Start("rasdial.exe", "My_VPN My_Username
My_Password");

To disconnect from the VPN, simply use this line:

System.Diagnostics.Process.Start("rasdial.exe", "My_VPN /d");

That sound promissing as the username is entered for you now.

Also take a look at this page:
http://geekswithblogs.net/thibbard/articles/CSharpCodeToMaintainVPNConnectionProgramatically.aspx

This shows a program in c# to connect a VPN.

Greetings,

Bart Smink

2013/3/24 Артём Конвалюк <artret at gmail.com>
>
> Hello everyone! I need to use L2TP/IPsec server for roaming users with
> certificate or smartcard authentication (from Window XP/7
> client-side). I mean that there shouldn't be any login/password
> combination. Client should press "Connect" button, choose certificate
> (or enter PIN for smartcard) and that is all.
> Is there any possibilities to do this with xl2tpd + OpenSwan?
> Could anybody help?
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

--
**** DISCLAIMER ****

"This e-mail and any attachment thereto may contain information which is
confidential and/or protected by intellectual property rights and are
intended for the sole use of the recipient(s) named above.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form)
by other persons than the designated recipient(s) is prohibited.
If you have received this e-mail in error, please notify the sender either
by telephone or by e-mail and delete the material from any computer".

Thank you for your cooperation.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20130331/ecf50a33/attachment.html>