While I successfully configured an IPsec VPN (I use a similar, though modified, setup like this: http://riobard.com/blog/2010-04-30-l...-ipsec-ubuntu/), I am now stuck on the next steps.
While I can connect to everything I want, I need to configure "access-groups" and/or "users".
The scenario is similar to this:
Let's say Host A, B and C allow SSH connections and some weird non-standard UDP connection from Host-VPN, and are also accessible on other ports with public IPs (like http).
I now want to limit access so that an admin-user has access to all of them, while trainee-admin can only access everything on Host B and C, and CEO can only connect via telnet to Host C - and all users can be roadwarriors
(I made this example up to give you an idea of what I'm trying to do - hope it makes sense).
Now my question is whether someone can point me in a direction, as I'm quite clueless at the moment as to what to try. I know that commercial IPsec implementations can do this, but can OpenSWAN/... give me something similar?