[prev in list] [next in list] [prev in thread] [next in thread]
List: strongswan-users
Subject: [strongSwan] Strongswan beginner question
From: Andrei_Vida-RaĊ£iu <andreiv3103 () gmail ! com>
Date: 2016-01-24 18:56:01
Message-ID: 56a51e48.c2351c0a.5f951.403e () mx ! google ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hello everyone
I have experience with Linux servers administration, I worked with PPTP and=
OpenVPN, but this is the very first time that I have to use IPSec.
So I would like to know if, at least, what I think about is possible. Here =
is my situation.
The company I work for has a VPS, on OpenVZ, running CentOS 6.7.
They want to use this server as a gateway, that would connect their develop=
ers to a costomer that, for security reasons, require a single point of con=
nection (a single IP) to their network.
Further more, this client uses a paloalto firewall and accepts only IPSec c=
onnections.
So what I thought is to connect our VPS to this client, using strongswan, a=
gateway to gateway tunnel connection and, if possible, user strongswan to =
also accept connection from the developers (devs connect from different loc=
ations).
Then the server should route the devs to this client in order to allow them=
to access various internal servers.
Is this possible with strongswan? To act as gw-to-gw but also as classic VP=
N and route between the two?
I just want to know if I should start experimenting or look for another sol=
ution.
Sent from Mail for Windows 10
[Attachment #5 (unknown)]
<html xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type \
content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 \
(filtered medium)"><style><!-- /* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style></head><body lang=RO link=blue vlink="#954F72"><div class=WordSection1><p \
class=MsoNormal><span lang=EN-US>Hello everyone<o:p></o:p></span></p><p \
class=MsoNormal><span lang=EN-US>I have experience with Linux servers administration, \
I worked with PPTP and OpenVPN, but this is the very first time that I have to use \
IPSec.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US>So I would like to \
know if, at least, what I think about is possible. Here is my \
situation.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US>The company I \
work for has a VPS, on OpenVZ, running CentOS 6.7.</span><o:p></o:p></p><p \
class=MsoNormal><span lang=EN-US>They want to use this server as a gateway, that \
would connect their developers to a costomer that, for security reasons, require a \
single point of connection (a single IP) to their network.<o:p></o:p></span></p><p \
class=MsoNormal><span lang=EN-US>Further more, this client uses a paloalto firewall \
and accepts only IPSec connections.<o:p></o:p></span></p><p class=MsoNormal><span \
lang=EN-US>So what I thought is to connect our VPS to this client, using strongswan, \
a gateway to gateway tunnel connection and, if possible, user strongswan to also \
accept connection from the developers (devs connect from different \
locations).<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US>Then the server \
should route the devs to this client in order to allow them to access various \
internal servers.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US>Is this \
possible with strongswan? To act as gw-to-gw but also as classic VPN and route \
between the two?<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US>I just want \
to know if I should start experimenting or look for another \
solution.<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p><p \
class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'>Sent from \
<a href="http://go.microsoft.com/fwlink/?LinkId=550986">Mail</a> for Windows \
10<o:p></o:p></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times \
New Roman",serif'><o:p> </o:p></span></p><p class=MsoNormal><span \
style='font-size:12.0pt;font-family:"Times New \
Roman",serif'><o:p> </o:p></span></p></div></body></html>
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic