[LARTC] IPSec gateway configuration

Vlad Adomnicai vlada at xana.ro
Mon Mar 21 15:12:15 CET 2005


Hi,
  I'm trying to build an ipsec gateway and somewhere I'm doing something 
wrong.
 
  I have a couple of routers that have clients behind them. All the 
routers are connected to a switch. On that switch I also have a 
computer that provides internet access to the clients.
   I would like to set up some sort of authentication (don't need 
encryption), to allow me to give access to different services to 
clients. Differentiating services I can do on the internet gateway, but 
on the routers I have to be certain that a certain IP is not stolen.
  I have set up ipsec so that if a client pings his gateway, it will 
work only if he has the same key as defined on the server. However, if 
he pings the internet gateway, it will work, no matter what I do. I 
would like the router to validate all packets to the outside LAN. Also I 
would like to achieve this with the lowest CPU utilization possible 
although this isn't critical. (about 150 clients behind one router 
(p2-400/p3-600)).

  The documentation that I have found was only about how to establish a 
secure connection between two computers, but what I need is to get 
outside of it and if possible to not use VPN, because I want the clients 
that are in the same LAN to have maximum transfer speeds.

  Thx for any suggestions in advance.

Vlad Adomnicai


