Date: Wed, 20 Nov 2002 11:02:22 +0100 From: "Marcin M. Jessa" <yazzy@ezunix.org> To: freebsd-isp@freebsd.org, freebsd-security@freebsd.org Subject: VPN and roaming Windows 2K clients Message-ID: <20021120100222.GA68431@yazzy.org>
next in thread | raw e-mail | index | archive | help
Hi guys.
Do you know how to make a FreeBSD firewall a VPN server for roaming Win2K boxes (Win2k users without static IP's)?
I've been playing with racoon for a few days but it seems that the only way it can authenticate roaming Windows VLAN users
is with preshared certificates.
This again excludes usage of manual keying (pre_shared_keys) which is nessesary for accepting connections from dynamic IP's.
The preshared keys method can be configured to accept connections from specified hostnames and that could work with windows
boxes that run a dyndns client. Again Windows and racoon can only communicate using certificates and not manual keying.... an evil circle. Windows can speak with racoon if one makes racoon to automatically exchange keys but this works only if Windows clients have static IP's...
Have any of you guys an idea about what to do to combine these methods?
Or maybe there is a workaround?
Please squeeze your brains and let me know about whatever you think may be of interest in this metter.
Thanks in advance.
YazzY
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021120100222.GA68431>