Re: [Users] deny certs of road warrior

From: Sam Sgro (sam_at_freeswan.org)
Date: Mon Jan 06 2003 - 21:36:14 CET

• Next message: Phillip.Watts_at_nlynx.com: "Re: [Users] VPN with Linksys Router"
• Previous message: Ken Bantoft: "Re: [Users] VPN with Linksys Router"
• In reply to: Steve Lee: "[Users] deny certs of road warrior"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Mon, 6 Jan 2003, Steve Lee wrote:

> I was able to get a road warrior VPN
> using x509 certs and the IPSec tools by
> vpn.ebootis.de working.
>
> Now how do i deny certs so some people can't
> do vpn ?

So, you want to deny access to previously issued certs?

1) If you are using a 1 to 1/cert to roadwarrior conn setup, delete those
conns. I doubt you're using that, otherwise you wouldn't be e-mailing the
list. :)

2) Take a look through the Installation and Configuration guide for references
to issuing CRLs - you can revoke previously issued certificates quite readily.

http://www.strongsec.com/freeswan/install.htm#section_4.6

-- 
Sam Sgro
sam_at_freeswan.org
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: Phillip.Watts_at_nlynx.com: "Re: [Users] VPN with Linksys Router"
• Previous message: Ken Bantoft: "Re: [Users] VPN with Linksys Router"
• In reply to: Steve Lee: "[Users] deny certs of road warrior"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Tue Jan 07 2003 - 05:21:07 CET