From: Phil Rosenthal
To: freebsd-net@freebsd.org
Date: Fri, 20 Aug 2004 14:55:08 -0400
Subject: L2TP/IPSec server on FreeBSD

Hello,

I've been trying to set up racoon on FreeBSD to serve as a VPN server that I can connect into using the OS X L2TP/IPSec client, or the Windows L2TP/IPSec client, preferably from dynamic IPs, preferably from NAT. The point would be to have secure internet access behind, say, open free hotel wifi, or open Starbucks wifi.

I've found many examples of FreeBSD w/racoon to connect to FreeBSD w/racoon when both have public static IPs, and no NAT, but none for "road warriors" behind random IPs, possibly NAT, and the examples I've seen talk about IPSec, but don't mention L2TP.

Has anyone actually set this up? I know it's possible to do this on a Cisco 2600, or using a Windows 2000 Server or Mac OS X Server box.

Thanks