-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello Rainer
Yes, this is possible. Look at those scenarios: [1] and [2]. [1] http://www.strongswan.org/uml/testresults/ikev2/host2host-cert/ [2] http://www.strongswan.org/uml/testresults/ikev2/host2host-transport/ Regards, Noel Kuntze GPG Key id: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 Am 18.06.2014 10:04, schrieb Rainer Klute: > Hi, > > in order to make a local network tap-proof, I'd like to encrypt the > traffic between authenticated stations. Non-encrypted traffic between > authenticated stations and unauthenticated ones (e.g. printers) must > still be possible, but unauthenticated stations connecting to the > network should not be able to tap traffic between authenticated ones. > Authentication should be done by public keys. > > Is this possible with Strongswan? And is there an example configuration > available? I couldn't find one in the documentation (which is somewhat > shattered and confusing anyway) and among the sample configurations, but > perhaps I am just not seeing the forrest for the trees. > > Thanks! > > > > _______________________________________________ > Users mailing list > [email protected] > https://lists.strongswan.org/mailman/listinfo/users -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJToWzlAAoJEDg5KY9j7GZYb1cP/jf7P1uoxvXnvLozIL3g7CgG 35Lo9/1o6cAsVmwqTQs7LBQem/WxvVZlNOyagOzVO2TGH4RQLj2YOUh5S1gDQMTx yNDfKAT/6G02BCMsEYi0osV+Msb7u5lIU8wNZcOStkEVVFUwqo9yhDNeuLZTD9QU +kwCgP6wQ/BlT+pl0vySQl8GjqFvSdQJqZ9RXKUsvk2w1mDsKwRD7dxNLIZgMe/6 yKJS/Ic6rYV2mKHdxDSE9MrPhllqsxS+IJL8hheIG5w9lsaWnz/9o5zH6JYXEFhM C9fbXr/z9rOzVH3s5iuDp5+4MnOXRfigSP5+6hcpNCf9eXNWfVrMcZXlXTErEe4m 5g8xshicg9q8LNG509Fzh/sCpLtfCkXMwmogwXwQgBvgSPpO1ELL3f3e9F+zaCja ekucopGMDsc3wjE29lXw8Gaf8Db3GhKb4umKQVrCeGM2dndXTFJMiuv91wXrxHUz 5qz11VPI6MZ/bBvSEmfVe87L6MbD1rrqNVLSKRsFdPF3U/n20wry3oRMOZUGfPV5 LXmxpLmQ/SuZCRUyQbBC6hibQV7YaPiJ2ATKLP8xu9MmXPlakgRpJkLwStMCVbyl F4r7Xvvt2Opvqi4XipDU9GiMCS2oMmV5gWoCAFReMDAfQOy+qU4YTJL/8pbMtaeC z2OWzUZFICBzCuU26nW8 =4aGa -----END PGP SIGNATURE----- _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
