From: Jim Durham
To: BSD Freak, FreeBSD Questions
Subject: Re: VPN tunnels using gif interface
Date: Thu, 14 Mar 2002 15:47:47 -0500

On Tuesday 12 March 2002 12:55 am, BSD Freak wrote:
> Hi everyone,
>
> I hope you are all having a good day......
>
> Well I've got a bit of a dilemma.... I have set up FreeBSD as an
> IPSEC/gif tunnel VPN gateway between multiple sites but now I need
> to have travelling Windoze and Linux laptops to be able to tunnel
> into the corporate network. So far I have been doing this with an
> NT box behind the gateway running a PPTP server but I really want
> to decommission this silly old thing. I have googled all round the
> place but not found anything regarding the possibility of
> establishing a gif tunnel with my FreeBSD gateway from Windoze or
> Linux clients, surely this must be possible? I have even got
> transport mode IPSEC working from Windoze laptops so a gif tunnel
> is my last step for a perfect FreeBSD VPN solution. Is this
> possible? If not, what other options do I have for getting
> travelling laptops onto our corporate network (and SSH port
> forwarding is not an option).
>

I have a similar situation, 2 sites on either side of the country and
lots of remote users with Windows boxes. I run 'mpd' from the ports
collection and use the Windows client's VPN to connect to it. Works
very nicely.

To connect between the 2 offices, I use IPSEC and 'racoon' to exchange
keys between 2 FreeBSD machines. I also can do IPSEC between my machine
at home and the office.

Using mpd and samba2.2, VPN users can see the whole 'Network
Neighborhood' from any location (well, unless they block ports like a
current venue our guys are working 8-) ). They can "log in" (or "log on"
as M$ is fond of saying... gotta be different!) to the NetBios network
and browse and drag and drop to their little heart's content.

I've had enough enquiries about this stuff that I'm considering setting
up a web page with some HowTos. Just need the time!

-Jim Durham