Hello,
I have a question regarding the setup for different users with FreeS/WAN.
I have a working VPN with SafeNet and FreeS/WAN which is fine as long as
I have one user connected as a road warrior. The problem I have comes up
when I want to add another user with his own certificate.
I want to have a different cert for each user so in case somebody must
be forced out of the network I can simply remove his config lines.
My ipsec.conf looks like this:
config setup
    interfaces=%defaultroute
    klipsdebug=none
    plutodebug=none
    plutoload=%search
    plutostart=%search
    uniqueids=yes

conn %default
    authby=rsasig
    auto=add
    compress=yes
    disablearrivalcheck=no
    keyingtries=1
    left=%defaultroute
    leftcert=vpn.pem
    leftfirewall=yes
    leftrsasigkey=%cert
    pfs=yes
    right=%any
    rightrsasigkey=%cert

conn user1
    leftsubnet=192.168.100.0/24
    rightid="<user 1's CN>"

conn user2
    leftsubnet=192.168.100.0/24
    rightid="<user 2's CN>"
With only 1 user in the file it works fine - as soon as I add the second
it fails. :-/
Is there a way to get the basic idea working somehow, or have I some
misunderstanding somewhere?
I would not like to have a solution where I have to renew certificates
for a lot of people just because I want to restrict one user's access.
Thanks in advance, Harry
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:56 CEST