[Wlug] freeswan

Wes Allen wallen@charter.net
Wed, 23 Apr 2003 22:11:30 -0400


On Wednesday 23 April 2003 8:41 am, mhughes@wpidalamar.com wrote:
> I think you actually might want a vpn between networks ... If you
> put your wireless network behind a firewall, and then only allow ipsec
> through it onto your home lan (and I assume onto the internet eventually).
> Then your vpn uses the wireless network as the untrusted network (instead
> of using the internet as the untrusted network).  Anyone not on the VPN
> can't get any packets onto the rest of your network.
>
> This does 2 things.
> 1) Encryption like you want so people can't see what you're doing.
> 2) Authentication - so only authorized people on the VPN can access
> anything on the rest of the network.
>
> This could be a lot stronger protection than WEP gives you.  Of course
> I've never actually done this, but there was an article I read a while
> back suggesting it, perhaps it's in the Linux Journal archives.

Thanks, I'll look into it...

Wes

>
> -Marc
>
> On Wed, 23 Apr 2003, Wes Allen wrote:
> > Is anyone out there using freeswan?
> >
> > I'm thinking of repeating my wireless network over to my office after my
> > move and I'm thinking of setting up freeswan to encrypt the traffic more
> > tightly on the network when I do.
> >
> > The howto's I've found have been on setting up a vpn between networks, is
> > it possible to set up freeswan to encrypt traffic on a single lan (until
> > sdmca laws make it technically illegal to do so.....).
> >
> > Wes
> > --
> > ------
> > This message may be signed using GPG, for my public key please
> > send me a message with "Key Request" in the subject line.
> >
> >
> > _______________________________________________
> > Wlug mailing list
> > Wlug@mail.wlug.org
> > http://mail.wlug.org/mailman/listinfo/wlug
>
> _______________________________________________
> Wlug mailing list
> Wlug@mail.wlug.org
> http://mail.wlug.org/mailman/listinfo/wlug

-- 
------
This message may be signed using GPG, for my public key please
send me a message with "Key Request" in the subject line.