FreeSwan and Win2k
info@idatasys.com
plug-discuss@lists.plug.phoenix.az.us
12 Apr 2002 08:08:02 -0700
--=-VGHmKWW5EZ//bv045XTa
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
The last time that I had check into installing FreeSWAN with Win2K the
configuration was not intended for road warriors. The IPSEC
configuration in Win2K requires the IP address be the same for each
laptop for all the locations that they connect (Static IP). The setup
is designed for fixed gateway to gateway connectivity. The IPSEC that
is in Win2K VPN Dialup connector is based on L2TP which was not
supported by FreeSWAN. The road warrior configuration for Windows is
done by using NAI's PGP VPN package with FreeSWAN.
This was about a year ago that I checked. I would love to know if it
has changed. I did do a quick search of the change logs for FreeSWAN
and didn't see any changes in this area.
Rick
On Thu, 2002-04-11 at 15:07, Gordon Chamberlin wrote:
Hello Everyone,
I am in the process of setting up a VPN to allow road warrior win2k
laptops to connect to our corporate intranet. Our approach is to use
FreeSwan's IPSec.
I d/led FreeSwan, installed the X.509 patch, recompiled my kernel and
feel fairly confident that the FreeSwan side is working. My problem has
been in the Windows configuration.
I follow various Howtos and create keys and install them but I haven't
been successful in getting the win2k machine to connect to the freeswan.
Is there anyone out there who has this working?
Would you be interested in doing a little consulting work to help me
complete my process?
Once I get this working, I would be happy to make a presentation to the
group on setting this up.
Thanks.
-Gordon
--
Gordon Chamberlin Software Architect
Visualize, Inc. http://www.visualizeinc.com
(602) 861-0999 ext. 14 glac@visualizeinc.com
________________________________________________
See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
--=-VGHmKWW5EZ//bv045XTa
Content-Type: text/html; charset=utf-8
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/1.0.2.99">
</HEAD>
<BODY>
The last time that I had check into installing FreeSWAN with Win2K the configuration was not intended for road warriors. The IPSEC configuration in Win2K requires the IP address be the same for each laptop for all the locations that they connect (Static IP). The setup is designed for fixed gateway to gateway connectivity. The IPSEC that is in Win2K VPN Dialup connector is based on L2TP which was not supported by FreeSWAN. The road warrior configuration for Windows is done by using NAI's PGP VPN package with FreeSWAN.
<BR>
<BR>
This was about a year ago that I checked. I would love to know if it has changed. I did do a quick search of the change logs for FreeSWAN and didn't see any changes in this area.
<BR>
<BR>
Rick
<BR>
<BR>
On Thu, 2002-04-11 at 15:07, Gordon Chamberlin wrote:
<BLOCKQUOTE>
<PRE><FONT COLOR="#737373"><FONT SIZE="3"><I>Hello Everyone, </FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I></FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>I am in the process of setting up a VPN to allow road warrior win2k</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>laptops to connect to our corporate intranet. Our approach is to use</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>FreeSwan's IPSec. </FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I></FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>I d/led FreeSwan, installed the X.509 patch, recompiled my kernel and</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>feel fairly confident that the FreeSwan side is working. My problem has</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>been in the Windows configuration. </FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I></FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>I follow various Howtos and create keys and install them but I haven't</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>been successful in getting the win2k machine to connect to the freeswan.</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I></FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>Is there anyone out there who has this working? </FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I></FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>Would you be interested in doing a little consulting work to help me</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>complete my process? </FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I></FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>Once I get this working, I would be happy to make a presentation to the</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>group on setting this up. </FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I></FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>Thanks. </FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>-Gordon </FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>-- </FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I> Gordon Chamberlin Software Architect</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I> Visualize, Inc. http://www.visualizeinc.com</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I> (602) 861-0999 ext. 14 glac@visualizeinc.com</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I></FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>________________________________________________</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.</FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I></FONT></FONT></I>
<FONT COLOR="#737373"><FONT SIZE="3"><I>PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us</FONT></FONT></I></PRE>
</BLOCKQUOTE>
<A HREF="http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss"><FONT SIZE="3"><I>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss</FONT></I></A>
<BLOCKQUOTE>
<PRE></PRE>
</BLOCKQUOTE>
</BODY>
</HTML>
--=-VGHmKWW5EZ//bv045XTa--