On Fri, Mar 10, 2006 at 10:20:05AM +0100, Sturla Holm Hansen wrote: > I have 5 customers in 1 building sharing 1 SHDSL-line, each of them have > their own router behind the main router to segment the net and now they > want VPN. What do they want it for? What OSes will be connecting? > The problem is that they should not have access to each others LAN, just > their own, so I have to figure out a way to determine what network they > should have access to by checking what login they use on the VPN. > I know that multiple external IP's would solve the problem, but that's > not an option. Would be the simplest solution, yes. > So could I set up a Linux VPN-server that has different routes for > different logins? Yes, you can. Using Openswan it is possible to restrict a connection with "leftsubnet=$IP_RANGE". Furthermore, you may execute scripts when starting the connection and thereby adapting your firewalling rules. There is also a patch which provides the vpn'ed hosts with a local IP-Address, you might be able to use this to restrict the connection further. Depending on your situation, there might be many other options. > Any sollutions would be much appreciated :) As stated, a solution depends heavily on your situation. greetings Stefan -- I am Deutsche Bahn AG of BORG. Your time will be wasted. Fahrpläne are futile.
Attachment:
signature.asc
Description: Digital signature