06-22-2011, 01:35 PM   #1
lucorlis
IPsec - tunnel restrictions and users


Hello all,

While I successfully configured an IPsec-VPN (I use a setup similar to, though modified from, this one: http://riobard.com/blog/2010-04-30-l...-ipsec-ubuntu/ ), I am now stuck on the next steps.

While I can connect to everything I want, I need to configure "access-groups" and/or "users".

The scenario is similar to this:
Let's say Host A, B and C allow SSH connections and some weird non-standard UDP connection from Host-VPN, and are also accessible on other ports with public IPs (like http).

I now want to limit this so that an admin-user has access to all of them, while a trainee-admin can only access everything on Host B and C, and the CEO can only connect via telnet to Host C - and all users can be roadwarriors.

(I made this example up to give you an idea of what I'm trying to do - hope it makes sense).

Now my question is whether someone can point me in a direction, as I'm quite clueless at the moment as to what to try. I know that commercial IPsec implementations can do this, but can OpenSWAN/... give me something similar?

Last edited by lucorlis; 06-22-2011 at 02:48 PM.
 
06-22-2011, 02:47 PM   #2
lucorlis
Bummer, I was constantly looking at the wrong ends of it: IPsec, xl2tpd, Windows (just cause), but in the end I didn't fully check one thing: PPP.

By modifying the chap-secrets file, I can assign a distinct local IP to each user. That of course can be used with iptables to restrict its access in any way I want.
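
The approach from post #2, applied to the scenario in post #1, as an added example that is not part of the original posts. It assumes the VPN host forwards client traffic to Hosts A, B and C; the user names, tunnel IPs, host addresses, secret placeholder and the `VPN_ACL` chain name are all constructed for illustration.

```shell
#!/bin/sh
# Constructed sample values: user names, tunnel IPs (10.8.0.0/24) and host
# addresses (192.0.2.0/24, a documentation range) are placeholders.
HOST_A=192.0.2.10
HOST_B=192.0.2.20
HOST_C=192.0.2.30
# user:tunnel-IP pairs; pppd hands each user the IP in field 4 of chap-secrets.
USERS="admin:10.8.0.10 trainee:10.8.0.11 ceo:10.8.0.12"

# Emit /etc/ppp/chap-secrets lines: client, server, secret, IP address.
chap_secrets() {
    for entry in $USERS; do
        printf '%s\t*\t"REPLACE_WITH_SECRET"\t%s\n' "${entry%%:*}" "${entry##*:}"
    done
}

# Look up the fixed tunnel IP of one user.
ip_of() {
    for entry in $USERS; do
        if [ "${entry%%:*}" = "$1" ]; then echo "${entry##*:}"; fi
    done
}

# allow SRC "DST ..." ["extra match"]: one ACCEPT rule per destination.
allow() {
    extra=${3:+ $3}
    for dst in $2; do
        echo "iptables -A VPN_ACL -s $1 -d $dst$extra -j ACCEPT"
    done
}

# Emit the iptables commands for the policy in the first post. Only packets
# arriving from a PPP interface enter VPN_ACL; whatever is not explicitly
# allowed there is dropped.
firewall_rules() {
    echo "iptables -N VPN_ACL"
    echo "iptables -A FORWARD -i ppp+ -j VPN_ACL"
    allow "$(ip_of admin)"   "$HOST_A $HOST_B $HOST_C"
    allow "$(ip_of trainee)" "$HOST_B $HOST_C"
    allow "$(ip_of ceo)"     "$HOST_C" "-p tcp --dport 23"   # telnet only
    echo "iptables -A VPN_ACL -j DROP"
}

chap_secrets      # review, then merge into /etc/ppp/chap-secrets
firewall_rules    # review, then run the printed commands as root
```

The rules match on source address only, so they are only as strong as the binding between a PPP login and its address in chap-secrets; the final DROP covers any tunnel address that has no explicit rule.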