Chad has made Win2K configuration using IPSec look simple in his documentation. It does not seem as if the description is enough to get it to work well first shot. I've had a horrid time going thro' a Win2K configuration. I've been in the Windows world for over 12 years and Win2K IPSec configuration is as convoluted as it can get.
I'm learning. I've been able to set up a preshared key tunnel between a leaf box and a RH Linux box to connect two LANs as under 192.168.1.1 192.168.2.1 local LAN | +------------+ Internet Link +--------+ |local LAN 192.168.1.0/24 |----| LEAF Bering|================|RH Linux|-----|192.168.2.0/24 | +------------+ +--------+ | I then thought I'd set up Win2K to LEAF using preshared keys. I've got stuck up here. I'd like some light here. 1. My Win2K box is a Internet dial up box on Dynamic IP. Can I use preshared keys in this scenario between Win2K and LEAF? If so, how do I configure my Win2K box. Most documentation I've seen refer to x509 certificate use for such a scenario. Setting up a separate machine for this in a predominant Windows network poses organisational problems. 2. I've seen a ipsec.exe tool in Nate Carlson's page http://www.natecarlson.com/linux/ipsec-x509.php . One of the things that make my head spin is two tunnels for one connection and the sequence of configuration. Can someone throw some light on this please? Is Nate Carlson's utility an overkill for a LEAF scenario? If not, can it not be adopted to make life simpler? Bye Mohan ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html