On Tue, 11 Mar 2003, Erik Anderson wrote: > Does this mean that I could do something like this: > 1) Build a linux box with FreeSWAN to be used as a VPN gateway. > 2) Have Windows clients easily connect to it to gain access to the LAN. Possible, yes. Easily, sort of. > If so, is there any documentation around on this? I've read a fair > amount on FreeSWAN, but the documentation I've found always assumes > that you have a linux box on either side... http://www.natecarlson.com/linux/ipsec-x509.php That's my document on how to do it with the built-in IPSec client in Windows 2000/XP. It's not trivial, though, and requires a public IP (dynamic, but public) on the client side. If you want to connect with a Windows client in an easier manner, I suggest using SSH Sentinel -- it supports NAT-Traversal, DHCP-over-IPsec, and a bunch of other features. I keep meaning to write up a document on how to configure it, but I've been way too busy lately. As long as you understand IPSec, it's not too hard to figure out, though. SSH actually provides some documentation on how to configure both ends, too. :) (Hint -- if you just want simple fuctionality without DHCP over IPSec, the server side setup I describe at my web page works fine.) -- Nate Carlson <natecars at real-time.com> | Phone : (952)943-8700 http://www.real-time.com | Fax : (952)943-8500 _______________________________________________ Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list