[strongSwan] Site2site VPN Config Examples
Holger Rauch
Holger.Rauch at empic.de
Thu Nov 4 16:05:13 CET 2010
Hi Martin,
thanks a lot for your quick reply.
________________________________________
From: Martin Willi [martin at strongswan.org]
Sent: Thursday, November 04, 2010 15:39
To: Holger Rauch
Cc: users at lists.strongswan.org
Subject: RE: [strongSwan] Site2site VPN Config Examples
> [...]
> Windows XP supports L2TP over IPsec with IKEv1 only, so is a >completely
>different story. It works with our IKEv1 daemon, but I won't recommend
>it for a productive setup. And RADIUS is a no-go then from our side. You
>probably better look for a commercial client if this should work
>hassle-free with XP. But one capable of IKEv2 is hard to get!?
Well, I was thinking of using ShrewSoft's VPN client
http://shrew.net/software
but I haven't yet figured out whether it supports IKEv2.
> We have kinda Mac
>support, but using virtual IPs as you probably would use it with
>Win7/Linux doesn't work yet.
Concerning the IP assignments, I simply want to assign the machine (mostly laptops) the same IP the machine has when used at work, where we use fixed IP addresses. So, I want to do static IP address assignments based on the MAC address of the network interface for the road warrior setups. Is that possible? In case it is, it's easier to debug potential problems as it's easy to figure out the origin. Is there an example also for this kind of setup?
> [...]
> Using certificates is probably simpler.
Ok, I will probably go with certificates for authenticating the gatways against each other.
Thanks in advance & kind regards,
Holger
THE standard software for Aviation Authorities
**********************************************************************************************
IMPORTANT NOTICE / WICHTIGER HINWEIS
This communication contains information which is confidential and may also be privileged. It is for the
exclusive use of the intended recipient(s). If you are not the intended recipient(s) please note that any
distribution, copying or use of this communication or the information in it is strictly prohibited. If you have
received this communication in error please notify us immediately by email or by telephone and then delete
this email and any copies of it.
Diese E-Mail koennte vertrauliche und/oder rechtlich geschuetzte Informationen enthalten. Wenn Sie nicht
der richtige Adressat sind oder diese E-Mail irrtuemlich erhalten haben, informieren Sie bitte sofort den
Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser
Mail sind nicht gestattet.
**********************************************************************************************
More information about the Users
mailing list