From: Chris BeHanna
Organization: Western Pennsylvania Pizza Disposal Unit
Date: Thu, 8 May 2003 08:20:08 -0400
To: security@freebsd.org
Subject: Fwd: Re: VPN through BSD for Win2k, totally baffled
Message-Id: <200305080820.08338.behanna@zbzoom.net>

On Wednesday 07 May 2003 22:21, Michael Collette wrote:
> Scenario:
> FreeBSD box running IPFW acting as a gateway to private network. The
> private network is made up of entirely routeable IP addresses. External
> users running Win2k and XP on DSL connections with dynamic IPs.
>
> Goal:
> To have the FreeBSD gateway securely authenticate and encrypt the traffic
> between the outside users and the internal network.

You might try mpd, which should let the Windows users get in via PPTP. At least, if I read the docs right, mpd should be useful for allowing inbound PPTP connections as well as making output PPTP connections.

Then you need to allow inbound traffic on port 1723, protocol GRE. (Take with salt; I haven't yet had my morning coffee.)

-- 
Chris BeHanna
Software Engineer (Remove "bogus" before responding.)
behanna@bogus.zbzoom.net
Turning coffee into software since 1990.