Hello,
after playing some time with the ipsec-Utility, I learned a lot about the
ipsec stuff in windows 2000. Thanks for this.
I find it quite usable and useful.
It is still not easy to setup a complete configuration for the first time.
(A nice job for a good consultant :-)
But... (why must there always be a but?)
can we eliminate the need for Administrator privileges for the user?
I tried a batch-file like this:
ipsecpol -w REG -p vpn1 -r roadwarrior-net-Host -t 0 -f
172.16.0.0/255.255.0.0=0 -n ESP[MD5,3DES]3600S/50000KPFS -a
CERT:"C=...." -dialup -1p
ipsecpol -w REG -p vpn1 -r Host-roadwarrior-net -t gw.gw.gw.gw -f
0=172.16.0.0/255.255.0.0
-n ESP[MD5,3DES]3600S/50000KPFS -a CERT:"C=..." -dialup -1p
But the -t 0 did not work. The Filter (-f 0=..) worked fine. This gave me the
idea. Would have been too nice...
Microsoft said "IPSec tunnel mode is not designed to be used for virtual
private network (VPN) remote access"
Sh...! Not so easy.
If we had a service, which did this automatically in the background, we could
solve the problem - maybe.
What do think about it?
Many thanks in advance for any suggestions.
regards,
Reinhard Moosauer
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:23 CEST