On Sunday 01 September 2002 08:55, Claus Johansen wrote: > Hi all, > > Has anyone out there been using ipsec509 in a production environment > with MS Windows road warrior clients?
Yep. > I have succeeded setting it up as an experiment (after a lot of > RTFM), but I miss some functionalities that would be crucial when > having "ordinary users": > > 1.) > There's no way to tear down a tunnel, it stays active until it times > out. A client trying to reconnect within that period will fail. This can be set in ipsec.conf. If you use the left/right firewall=yes option the failed tunnel(s) will always hang until a reboot is done. > 2.) > There's no way to set up temporary network settings (e.g. WINS) for > the MS clients for the duration of the connection. This means that > they either work with the "tunneled" network and no other, or they > will have very limited functionality through the tunnel (because of > NetBIOS limitations). It will work if you use Samba for your WINS resolution. NetBIOS can be channeled through TCP/IP unlike the similar M$ NetBEUI protocol. If your using Win2K/XP machines, your going to have problems due to M$ breaking WINS/DNS rfc's with these OS's integrated functionality. > If I've missed something here and there are feasible solutions, I'd > very much like to hear about it! > ;-) There should be information in the mailing-lists/docs on the FreeS/WAN site and possibly some newer work-arounds using updated Samba. If your using M$ WINS servers your dealing with something I've never had much success doing in a multiple subnet setup. This type of setup is something that Samba deals with in a much easier way, IMHO. You may find better advice on other lists, being that this is really not a LEAF issue per se. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
