#17 Racoon Roadwarrior client get virtual ip from server?

racoon
closed
nobody
5
2009-01-16
2005-04-29
Anonymous
No

We tried to use Racoon server and client to setup Ipsec
VPN in Rethat 9 linux PCs. Currently the roadwarrior
with x509 works well, but client can not get a virtual ip
addr from the server.

My question: Does Racoon client support get the virtual
ip from Racoon server if we use the roadwarrior with
x509 and enable the mode_cfg?

From your posting, it seems there are two ways to get
virtual ip: one is integrating Racoon client with DHCP
client, another is setting mode_cfg on with
Hybrid_rsa_server.

The first one is not supported currently, and the second
one is only available when Racoon server work together
with Cisco VPN client. Is that right?

Can I use the second way with Racoon client without
Cisco VPN client?

We have stopped here for a week and we are very
anxious about this problem. Do I have to turn to the
FreeSWAN?

Discussion

  • Mike Robinson
    Mike Robinson
    2005-05-12

    Logged In: YES
    user_id=854356

    I wish I knew the answer... but... the idea of getting an
    IP-address from _Racoon_ seems somewhat nonsensical to me.
    The road-warrior is going to have acquired an IP-address
    from his hotel's wireless router... Where else, and why
    else?

     
  • Aidas Kasparas
    Aidas Kasparas
    2005-05-12

    Logged In: YES
    user_id=39627

    Mike,

    Yes, you're partly right. Of course, road-warrior should get
    an address from DHCP for transport (i.e. to send packets up
    to security gateway[SG]). But, if SG admin want to use some
    packet filtering besides IPSec and works with addresses that
    are used at places from where roadwarriors comes, he will
    have one big nightmare. Insted, it is possible to assign one
    or more networks for roadwarriors and ask them to use these
    addresses in IPSec'ed connections. This way, you have to
    filter just assigned networks. And this is why "addresses
    from racoon" are good.

     
  • Timo Teras
    Timo Teras
    2009-01-16

    Closing all sourceforge.net bugs. If this issue has not been cared for please submit a new bug report to https://trac.ipsec-tools.net/ issue tracker. Thank you.

     
  • Timo Teras
    Timo Teras
    2009-01-16

    • status: open --> closed