Date: Wed, 17 Apr 2013 21:05:47 +0200 From: Matthieu Volat <mazhe@alkumuna.eu> To: freebsd-stable@freebsd.org Subject: Re: IKEv2/IPSEC "Road Warrior" VPN Tunneling? Message-ID: <20130417210547.11b60339db0d7c67a52c1284@alkumuna.eu> In-Reply-To: <516739C9.4080902@denninger.net> References: <516739C9.4080902@denninger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --Multipart=_Wed__17_Apr_2013_21_05_47_+0200_FNitxUXSrnDTICgn Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Thu, 11 Apr 2013 17:31:37 -0500 Karl Denninger <karl@denninger.net> wrote: > Is there a "cookbook" for setting this up? There are examples for > setting up a tunnel between two fixed-address networks (e.g. a remote > LAN that needs to be "integrated" with a central LAN over IPSec but I > can't find anything addressing the other situation -- remote user(s) > where the connecting IPs are not known in advance, such as a person with > a laptop or smartphone in a random hotel. > > (And is there a better list for this in the freebsd-* paradigm for the > question?) > Sorry for answering this late, As mentionned in another answer, you can start with the roadwarrior server/client configuration in ipsec-tools examples. To work with FreeBSD, the phase1-up.sh and phase1-down.sh scripts must be customized. I've attached both scripts, tell me if it does not work, I'll upload them somewhere (maybe propose them for inclusion in the port tree?) -- Matthieu Volat <mazhe@alkumuna.eu> --Multipart=_Wed__17_Apr_2013_21_05_47_+0200_FNitxUXSrnDTICgn--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130417210547.11b60339db0d7c67a52c1284>