ipsec/xauth tunnel multiple clients routing [closed]

based on such schema 🙂

enter image description here

I want to set up a “tunnel” environment in which:

  1. each client (c1, c2… cx) on the SAME PUBLIC IP (home xDSL NAT router from ISP) will establish a tunnel to my ipsec/xauth server

  2. each client will have a dedicated OUT IP assigned (the traffic from the server will go out and in by this IP (on the server side) and go back with this IP to the client – not the one the tunnel is established on) on the second end of the tunnel

  3. so all clients will use the same IN IP to establish the tunnel (IP unknown/hidden/transparent for IP traffic to the client?)

  4. I want to be able to assign an OUT IP for a client based on client AUTH data by user login [ login -> OUT public IP ]

  5. I would like to use libreswan

My question:

a) is such a scenario possible, and if it is
b) what the ipsec.config should look like
c) what the iptables rules should look like

Could the server side look this way?

enter image description here

closed as too broad by Rui F Ribeiro, Stephen Kitt, Jesse_b, RalfFriedl, Jeff Schaller Nov 29 at 18:04

Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.

  • Your diagrams are virtually unreadable.
    – Jesse_b
    Nov 29 at 16:18

  • @Jesse_b – depending on reader 🙂 did u ever see a hand made prescription from md? who can read it without any problem? other md or pharmacist…
    – ceph3us
    Nov 29 at 18:17

iptables nat tunneling ipsec xauth

asked Nov 29 at 14:01

ceph3us
