Uhm.. Freeswan being a IPSec server will only allow people who authenticate via preshared keys or rsapublic keys to route traffic into your internal network. ie win98client --- internet --- firewall(eth0) -> internal(eth1) Obviously you would use a non-public iprange internally. If everything is setup properly, people on the internet cannot contact internal. but the win98client will be able to if there is a IPSec connection present (and IPSec is setup to do the routing to the internal lan). If you are talking about something else, please elaborate on your question. -miah On Mon, Nov 20, 2000 at 01:29:25PM +0100, Andreas Siegert wrote:
Hi, I am looking for a solution to authenticate routing.
IPSEC CLient (Mostly WinXX boxes) connects to firewall. Firewall untunnels packets (FreeS/WAN) Firewall authenticates user ???????? Successful authentication enables routing of the clients Packets into the internal net.
Commercial FWs like FW1 have that feature, but I'd rather run it on Linux.
Thanks for any pointers afx
-- atsec information security GmbH Phone: +49-89-44249830 Steinstrasse 68 Fax: +49-89-44249831 D-81667 Muenchen, Germany WWW: www.atsec.com May the Source be with you!
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com