Christian Weisgerber <[EMAIL PROTECTED]> wrote:
Meanwhile, ipsecctl has gained support for pre-shared key
authentication.
So in 3.9, things are simpler still:
Sounds great and thx a lot for your help :-))
For those who are interested and have wifi windows xp clients.
Recently I came across a tool called "smartvpn dial-up connection
management" from draytek. It is a freeware (ipsec) client that makes it
very simple to configure ipsec on windows 2k/xp. You will not have to
use mmc + ipsec policy editor or ipseccmd.exe.
It is available here:
http://217.160.102.141/data/RouterTools/win/SmartVPN/SMARTVPN09_05.zip
This tool does the following (based on your configuration choices), it
dynamically creates the policies and activate/deactivate them when you
need or don't need them anymore. I don't see a reason why it shouldn't
not work with an openbsd ipsec gateway. Have a look at the client's
"ipsec tunnel mode" (I think this is the one you will use) of the
client.
I personally did not have the opportunity to test it with openbsd (as
I'm an ipsec novice) but I will make the test with openbsd current as
soon as I can ...
Regards
Didier
fyi:
I am using this now with WinXP SP2 connected to my wireless LAN. This
is the ipsec.conf entry that works for me:
ike esp from any to $XP_LAPTOP_IP main auth hmac-sha1 enc 3des \
quick auth hmac-sha1 enc 3des \
psk "secretkey"
I found it very easy to use, the ipseccmd.exe from SP2 chrashes every time and
Softremote is too complex.
Regards
gp
