From: Matthieu Parisot [bootik.org] (mat_at_bootik.org)
Date: Tue Jul 30 2002 - 16:42:19 CEST
Hi everybody,
Here is what I'm trying to do:
                     FIREWALL-VPN
                          GW                                O-OO
Secure network          /----\eth1          Wireless
-----------------------|      |-------------O           O-OO  Wireless clients
        |          eth0 \----/          Access Point
        |                 |ppp0                             O-OO
    --------              |
    servers               |DSL connexion
                          |
                       Internet
                      /   |   \
                     |    |    |
                    OO   OO   OO
               road warrior clients
- The clients are running Win2K, XP and Linux
- The gateway is running Linux 2.4.18 + freeswan 1.96 + iptables 1.2.6a
I've attached a tool that I wrote to create almost everything that
http://www.natecarlson.com/include/showpage.php?cat=linux&page=ipsec-x509
explains. Also a modified version of the Marcus Müller tool (original
version available on http://vpn.ebootis.de/) that allows switching
easily between two ipsec.conf configurations on Windows 2K/XP.
What works?
- Linux Wireless LAN clients
- XP/2000 Wireless LAN clients, but it hangs after a variable amount of time,
with no way to recover (other than manually destroying the tunnels on the
gateway and resetting/rebooting the Windows client)
What does not work?
- XP roadwarrior client, because of a premature DELETE SA sent by the client;
- If I have more than one client, freeswan tries to associate clients with
other clients' configurations, disregarding the rightcert parameter;
Could anyone kind have a look at my tool and my way of creating
configurations, and tell me what I'm doing wrong? Is it reasonable
to have ten config files, with only the rightcert parameter changing?
Why does XP send DELETE SA after 1 second of activity?
Please help me, I'm going crazy!
Mat.