Date: Tue, 24 Jan 2006 18:43:34 -0800 From: Julian Elischer <julian@elischer.org> To: gahn <ipfreak@yahoo.com> Cc: freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: IPsec, VPN and FreeBSD Message-ID: <43D6E5D6.9010705@elischer.org> In-Reply-To: <20060125021915.59670.qmail@web52102.mail.yahoo.com> References: <20060125021915.59670.qmail@web52102.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
gahn wrote: >Thanks Julian: > >Well, the another site is using a linux box for >firewall. We have extra PCs available so we could >build another FreeBSD box. That probably makes the VPN >setup a lot easier between two sites. > >As to the roaming users, very unlikely there will be >dial-up line, but those users could be on road and >using ISPs to connect the internal lab. both sites are >labs. > >I will try the roaming clients<--->freebsd vpn server >first. > > ok google for mpd and pptp > > >--- Julian Elischer <julian@elischer.org> wrote: > > > >>gahn wrote: >> >> >> >>>Hi: >>> >>>We intend to build IPSec based VPN server on >>> >>> >>FreeBSD >> >> >>>platform so that we can access internal network of >>> >>> >>a >> >> >>>lab. The remote side will use VPN client and could >>> >>> >>be >>>from anywhere of the Internet, or may be from the >> >> >>>another site of the company. From the hnadbook, I >>> >>> >>saw >> >> >>>the sample of site-to-site configurations and we do >>>have one FreeBSD firewall (running ipfw) on both >>> >>> >>site >> >> >>>and another one on another site (both have >>> >>> >>firewalls >> >> >>>on them), can we do that? Also what about the >>>client-server model? What kind of clients do we >>> >>> >>need >> >> >>>in order to connect to the FreeBSD/IPsec/VPN? Any >>>tips/information for the configuration of the >>>clients/server model on internet? >>> >>>Any help will be greatly appreciated. >>> >>> >>> >>> >>there are almost too many options to mention.. >> >>however you should be able to implement pptp >>tunnels (as used on windows) using mpd (in ports) >>alternatively there is always ssh or ipsec. >>(or a combination of them) >> >>If as you suggest, both ends are freebsd, then I've >>used mpd over ssh >>with great effect. >>use the 'tcp transport' option of mpd and connect it >>through an ssh tunnel. >> >>is the 'client' roaming or at a fixed address? if a >>fixed address then >>ipsec becomes easier. >> >> >> >> >> >>>Thanks >>> >>> >>> >>>__________________________________________________ >>>Do You Yahoo!? >>>Tired of spam? Yahoo! Mail has the best spam >>> >>> >>protection around >> >> >>>http://mail.yahoo.com >>>_______________________________________________ >>>freebsd-security@freebsd.org mailing list >>> >>> >>http://lists.freebsd.org/mailman/listinfo/freebsd-security >> >> >>>To unsubscribe, send any mail to >>> >>> >>"freebsd-security-unsubscribe@freebsd.org" >> >> >>> >>> >>> >>> >>_______________________________________________ >>freebsd-questions@freebsd.org mailing list >> >> >> >http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > >>To unsubscribe, send any mail to >>"freebsd-questions-unsubscribe@freebsd.org" >> >> >> > > >__________________________________________________ >Do You Yahoo!? >Tired of spam? Yahoo! Mail has the best spam protection around >http://mail.yahoo.com > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43D6E5D6.9010705>