From owner-freebsd-questions Mon Nov 19 7: 5:55 2001 Delivered-To: freebsd-questions@freebsd.org Received: from hotmail.com (f64.law3.hotmail.com [209.185.241.64]) by hub.freebsd.org (Postfix) with ESMTP id 3C5B237B416 for ; Mon, 19 Nov 2001 07:05:53 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Mon, 19 Nov 2001 07:05:53 -0800 Received: from 139.108.190.213 by lw3fd.law3.hotmail.msn.com with HTTP; Mon, 19 Nov 2001 15:05:52 GMT X-Originating-IP: [139.108.190.213] From: "Thor Legvold" To: freebsd-questions@freebsd.org Subject: Software for VPN's ? (long) Date: Mon, 19 Nov 2001 15:05:52 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 19 Nov 2001 15:05:53.0152 (UTC) FILETIME=[AEA21000:01C1710B] Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Next question (now that the firewall and nat are finally working properly): FreeBSD 4.4-STABLE My ISP goes from an "open" NAT/DHCP system (wireless Lucent cards) to a "closed" VPN system (to make users authenticate themselves before getting on the net, and for bandwidth control) on wednsday. They say all I need is a pptp client to conenct to their server, it will give me a routable IP (at present we get non routable behind the ISP's NAT) and verify taht I'm who I say I am, and that's it - I'm on the internet. I've been searching Deja and there seems to be many ways to do this - ppp, poptop (port), mpd, mpd-netgraph, probably others. I don't really understand what a VPN is (thought I did, but I really have problems visualizing it in this particular case), so I'm not sure which package I should use. Netgraph seems particularly elegant in design, but I have no idea if it's what I need, or if there's a simpler/more efficient way to do things. As far as I know: My Lucent card gets a non routable IP via DHCP at boot time from the ISP server (this works). Routing, nat and firewall all work automagically. I point my pptp client at a static non routable IP (in the same subrange as the DHCP assigned address) where the pptp server lives. The two do pap/chap, agree I'm me, pptp server dynamically gives me a routable IP (from a pool my ISP "owns", I imagine). My routing tables have to be upgraded with all the new (post pptp) info, because the dhcp info received previously is all wrong now - right? Does this work automatically, or do I need a script somewhere after login (like with some PPP connections)? Any/all pointers recommendations appreciated :-) Regards, Thor _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message