[Users] Re: Freeswan-net to freeswan-net x509

• Next message: JuanJo Ciarlante: "Re: [Users] Rijndael support in FreeS/WAN; AES support in SSHSentinel"
• Previous message: Andreas Steffen: "Re: [Users] /etc/ipsec.d/"
• In reply to: Segree, Gareth: "[Users] Freeswan-net to freeswan-net x509"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Fri, 12 Jul 2002, Segree, Gareth wrote:
> I have used you document on your website to setup freeswan with W2K
> and that works perfectly.
>
> If I want to be able to see subnets on both side, left & right do I
> have to create a CA for the right side and generate a host cert for
> the left side.

Just create a CA on one side, and created certificates for all machines
using any of your VPN services.

Like I said in my setup document, it doesn't matter what machine has the
CA one it -- it doesn't have to be a VPN gateway at all.

------------------------------------------------------------------------
| nate carlson | natecars_at_natecarlson.com | http://www.natecarlson.com |
| brainbench mvp for linux admin -- http://www.brainbench.com |
| Depriving some poor village of its idiot since 1981 |
------------------------------------------------------------------------

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: JuanJo Ciarlante: "Re: [Users] Rijndael support in FreeS/WAN; AES support in SSHSentinel"
• Previous message: Andreas Steffen: "Re: [Users] /etc/ipsec.d/"
• In reply to: Segree, Gareth: "[Users] Freeswan-net to freeswan-net x509"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:23 CEST