Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 06-22-2011, 01:35 PM   #1
LQ Newbie
Registered: Jun 2011
Posts: 2

Rep: Reputation: Disabled
IPsec - tunnel restrictions and users

Hello all,

While I successfully configured an IPsec-VPN (I use a similar tho modified setup like this: ), I am now stuck on the next steps.

While I can connect to everything I want, I need to configure "access-groups" and/or "users".

The scenario is similar to this:
Lets say Host A, B and C allow SSH-Connections and some weird non-standard UDP-Connection from Host-VPN, and are also accessible on other ports with public IP's (like http).

I now want to limit, that an admin-user has access to all of them, while trainee-admin only can access everything on Host B and C, and CEO only can connect via telnet to Host C - and all users can be roadwarriors

(I made this example up to give you an idea what i'm trying to do - hope it makes sense).

Now my question is, if someone can point me towards a direction, as I'm quite clueless at the current moment as to what to try. I know that commercial IPsec-Implementations can do this, but can OpenSWAN/... give me something similar?

Last edited by lucorlis; 06-22-2011 at 02:48 PM.
Old 06-22-2011, 02:47 PM   #2
LQ Newbie
Registered: Jun 2011
Posts: 2

Original Poster
Rep: Reputation: Disabled
Bummer, I was constantly looking at the wrong ends of it: IPsec, xl2tpd, Windows (just cause), but in the end I didn't fully check one thing: PPP

Modifying the chap-secrets file I can assign a distinct local IP to each user. That of course can be used with IPtables to restrict its access in any way I want.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh tunnel username with restrictions MystKid Linux - Newbie 1 03-25-2011 01:37 PM
How to set iptables for IPSec tunnel? ecvoyager Linux - Security 3 01-11-2010 09:39 PM
[SOLVED] Firewall restrictions on sock5 tunnel forwarding (through ssh) investor_me Linux - Networking 3 09-09-2009 08:29 PM
IPsec one to many ike tunnel config Damoek AIX 0 05-16-2009 11:07 AM
IPSEC Tunnel behind NAT pssst_yeah_you Linux - Networking 0 06-23-2004 05:54 PM

All times are GMT -5. The time now is 07:40 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration