Hi Daniel, I was thinking of the bundled L2TP/IPsec client, I don't mind paying for a VPN client if there are better/more flexible options. If the client is over £30 ($40) I would rather just buy Win 7. I am happy with a different range, say 192.168.1.0/24 for the VPN users.
Kind regards, On 19 February 2010 12:29, Daniel Mentz < danielml+mailinglists.strongs...@sent.com<danielml%2bmailinglists.strongs...@sent.com> > wrote: > Hi Razza, > > you need to setup your DSL/NAT Router to forward UDP datagrams destined for > ports 500 and 4500 to your strongSwan box. > You said that you want to allocate IP addresses for road warriors inside > the 192.168.10.0/24 range. This could be difficult to achieve. Can you > waive this requirement and come up with a separate IP prefix for road > warriors? Like 10.x.y.0/24? This would make things much easier. > > I'm using this kind of setup for Win7 clients. Which IPsec client software > do you want to use on Windows XP? > > -Daniel > > > Razza wrote: > >> Hi all, I’m new to the list and am looking for a bit of advice. I’ve >> looked >> around but can’t find any examples close to what I want to achieve, >> probably >> because it’s flawed from a purists security view point. Anyway, I want to >> use strongSwan in a home network environment, mainly so I can access home >> network machines whilst I’m away. E.g. ssh to my asterisk server, RDP/VNC >> to >> my partners machine etc. >> >> >> >> My network is as follows – >> >> >> >> 192.168.10.0/24 -- | 192.168.10.1 | | Dynamic RIPE IP | -- Internet >> >> Home Network | Inside i/f | | Outside i/f | >> >> | DSL/NAT Router | >> >> >> >> As I only have a single RIPE address on my DSL, I intend to port forward >> necessary ports to a single interface on my strongSwan box. >> >> My strongSwan box will have an address in the range 192.168.10.0/24. I >> would >> prefer to have a singe physical interface if possible, but could have two. >> >> When I connect from an internet connected machine (soon Win7, currently >> XP), >> I would like to be allocated a virtual IP in the range of my home network >> ( >> 192.168.10.0/24). >> >> >> Is this possible? >> _______________________________________________ >> Users mailing list >> Users@lists.strongswan.org >> https://lists.strongswan.org/mailman/listinfo/users >> > > _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users