[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
Hi Paul, Thats great news! ive done quite a lot with pptp (gre-packet encapsulation) but never ipsec because my lan is behind two gateways which meant the routing would change the checksum/certificates and ipsec drops the tampered packets. What i would like to get together is the following: An ipsec box and firewall. Behind this will be a win2k server and an imap linux mail server. These two machines are going to be on their own with no clients directly connected, in a rack with there own 2mb pipe. Then we have the clients, which will very between 7-10 each with their own dsl connection and a variety of os - winxp & win2k & Linux. Some are static and some dhcp off their isp. What i would like to get together is almost replicate the normal win2k domain login to keep consistancy with what they users are used too. They all develop in win32 so there is no getting away from the windows angle. So each user will be presented with a domain login screen which then implements the whole hog, they then inherit the whole active directory groups and users permission set up & each client can access each others machines via network neighbourhood, net sends, internal msn, i need to get some internal video conferencing together as well (but one thing at a time eh). But the AD stuff is most the most important. Oh, and each client will have an imap mailbox which will keep the mail internal (apart from passing through the tunnels) As far as the NAT stuff goes, that may only pose a problem with users behind there own routers. Which dist did you use? Be interested in what sort of set up you have going. Regards, luke On Wed, 2003-10-01 at 18:33, Robin Cornelius wrote: > > Hi Luke, > > I have a freeswan/X509 system running with my linux server authenticating > linux and windows "road-warriors" using X509 cerfiticates. I am not that > experienced with nat traversal although i think i have a grasp of some of > the basics, any help? if so spew away! > > Have you tried users@xxxxxxxxxxxxxxxxxx as i think that is the most recent > mailing list > > Robin > > > > -----Original Message----- > From: owner-list@xxxxxxxxxxxx [mailto:owner-list@xxxxxxxxxxxx]On Behalf Of > Luke > Sent: 01 October 2003 14:29 > To: list@xxxxxxxxxxxx > Subject: [LUG] freeswan ipsec > > > Has anyone on the list had much experience with freeswan ipsec? Esp issues > around nat traversal and dare I say it.....windows domain authentification? > > Just thought i would check before spewing out the details. The > users@xxxxxxxxxxxxxxxx mailing list is as dead as dodo it seems. > > Cheers, > > Luke -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.