Find the answer to your Linux question:
Results 1 to 3 of 3
Hello, I'm student in IT Hight shool education (4 degrees) and i have a security project. I have to crypt IPV6 communications in my school. Every informations circulating in my ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2008
    Posts
    1

    IPsec on LAN ?


    Hello,
    I'm student in IT Hight shool education (4 degrees) and i have a security project.
    I have to crypt IPV6 communications in my school. Every informations circulating in my network must be crypted.
    At the begining, i have used RACOON but it's very capricious, so i have turned to its opponent : OPENSWAN.

    With it, i can crypt, with PSK (PreShareKey), the communications between two computers or more but i have to declare on all computers the others addresses. I have more than thousand computers in the LAN so i can't use this solution.

    Every examples found on web explain how to crypt a VPN (VirtualPrivateNetwork) but i want only to crypt a LAN (LocalAreaNetwork). I ask me the question : if this solution is possible.

    Sorry for my approximate english but I really need your help,

    Thank you for your intention

    Kingspy

  2. #2
    Just Joined!
    Join Date
    May 2008
    Location
    Russia, Far East, Komsomolsk-on-Amur
    Posts
    4
    I see the next solution:
    1. Leave LAN IPv4 traffic uncrypted.
    2. Setup dedicated OpenVPN server with "server" mode (for multi-client server capability) with shared public encription key.
    3. Create OpenVPN IPv6 (or IPv4) crypted network over LAN IPv4 uncrypted network.

  3. #3
    Linux Enthusiast
    Join Date
    Apr 2004
    Location
    UK
    Posts
    732
    I think you're after opportunistic encryption

    It uses public key encryption and a DNS server to pass out the public keys and reduce the configuration effort.

    Best of all, it's part of openswan so you are already part way there.

    Let us know how you get on,

    Chris...
    To be good, you must first be bad. "Newbie" is a rank, not a slight.

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •