Welcome to Linux Forums!

With a comprehensive Linux Forum, information on various types of Linux software and many Linux Reviews articles, we have all the knowledge you need a click away, or accessible via our knowledgeable members.

Linux Forum ArticlesLinux ForumsLinux Forum DownloadsLinux Hosts
Home|Register|FAQ|Member List|Calendar|Unanswered Posts|Forum Rules|Today's Posts|Advanced Search|
SEARCH FOR IN
Go Back   Linux Forums > GNU Linux Zone > Linux Security
Reload this Page IPsec on LAN ?
Linux Forums
Linux Forums
Welcome To The Linux Forums!
Welcome to Linux Forums. We pride ourselves in being one of the largest Linux communities on the web, we encourage you to REGISTER on our forums and participate in the community. There are over 150,000 members ready to answer your questions. JOINING US today will allow you to make new posts, get support, send messages to other members and submit downloads to our downloads directory and many other great features!

Linux Security Discussion about keeping your machines secure, and the crackers out.

Reply
 
Thread Tools Display Modes
Old 05-27-2008   #1 (permalink)
kingspy
Just Joined!
 
Join Date: May 2008
Posts: 1
IPsec on LAN ?
Hello,
I'm student in IT Hight shool education (4 degrees) and i have a security project.
I have to crypt IPV6 communications in my school. Every informations circulating in my network must be crypted.
At the begining, i have used RACOON but it's very capricious, so i have turned to its opponent : OPENSWAN.

With it, i can crypt, with PSK (PreShareKey), the communications between two computers or more but i have to declare on all computers the others addresses. I have more than thousand computers in the LAN so i can't use this solution.

Every examples found on web explain how to crypt a VPN (VirtualPrivateNetwork) but i want only to crypt a LAN (LocalAreaNetwork). I ask me the question : if this solution is possible.

Sorry for my approximate english but I really need your help,

Thank you for your intention

Kingspy
kingspy is offline   Reply With Quote
Old 05-27-2008   #2 (permalink)
VitalkaDrug
Just Joined!
 
Join Date: May 2008
Location: Russia, Far East, Komsomolsk-on-Amur
Posts: 1
Send a message via ICQ to VitalkaDrug
I see the next solution:
1. Leave LAN IPv4 traffic uncrypted.
2. Setup dedicated OpenVPN server with "server" mode (for multi-client server capability) with shared public encription key.
3. Create OpenVPN IPv6 (or IPv4) crypted network over LAN IPv4 uncrypted network.
VitalkaDrug is offline   Reply With Quote
Old 05-27-2008   #3 (permalink)
kakariko81280
Linux Enthusiast
 
Join Date: Apr 2004
Location: UK
Posts: 542
I think you're after opportunistic encryption

It uses public key encryption and a DNS server to pass out the public keys and reduce the configuration effort.

Best of all, it's part of openswan so you are already part way there.

Let us know how you get on,

Chris...
__________________
DRM keeps an honest user loyal
kakariko81280 is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off




All times are GMT. The time now is 10:45 PM.



Contact Us | Advertise | Archive | Top
© 2000 - 2008 - All Rights Reserved - Property of  MAS Media

Content Relevant URLs by vBSEO 3.0.0