[strongSwan] Encrypting a local network

Rainer Klute rainer.klute at gmx.de
Wed Jun 18 10:04:37 CEST 2014


Hi,

in order to make a local network tap-proof, I'd like to encrypt the
traffic between authenticated stations. Non-encrypted traffic between
authenticated stations and unauthenticated ones (e.g. printers) must
still be possible, but unauthenticated stations connecting to the
network should not be able to tap traffic between authenticated ones.
Authentication should be done by public keys.

Is this possible with Strongswan? And is there an example configuration
available? I couldn't find one in the documentation (which is somewhat
shattered and confusing anyway) and among the sample configurations, but
perhaps I am just not seeing the forrest for the trees.

Thanks!

-- 

Best regards
Rainer Klute 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140618/4828fbeb/attachment.pgp>


More information about the Users mailing list