Date: Wed, 23 Oct 2002 01:24:53 +0200 From: Palle Girgensohn <girgen@pingpong.net> To: freebsd-security@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: ipsec, ESP & IKE, freebsd as vpn `client' <-> openbsd, how? Message-ID: <133830000.1035329093@palle.girgensohn.se>
next in thread | raw e-mail | index | archive | help
Hi! We just moved our company to a new `office hotel', and they have an openbsd firewall with an VPN setup that I should be able to use from home. A consultant set the openbsd machine up, and the guys in the new office knows absolutely nothing about unix whatsoever. When asking how to use the VPN, I got instructions for setting up the windows utility `PGP Desktop Security'. Fine, I thought, I have the info I need: - a shared secret - IKE is used - ESP is used - no AH - the preferred order for ciphers and hashes Here's what I want to do: Home, 1.2.3.4 (dhcp address) | | ipsec tunnel | OpenBSD, 5.6.7.8 w/ NAT 192.168.1.1 | --------------------------------------------- ... | | | | 192.168.1.2 192.168.1.3 192.168.1.4 192.168.1.5 I want to access the machines behind the FW. Pretty straight forward, huh? ;-) Anyway, I know the OpenBSD machine uses isakmpd, so I started looking at that port, but the docs are very confusing. Also checked racoon, and I guess both should work, but all examples are for setting up both ends at once - in this case the `server' peer is already setup, and I don't exactly how, just roughly. Problem is, I just don't have time to learn everything about ipsec at this time, I need the connection working yesterday... :-( Is there a crash course / FAQ that will actually help me? Or can someone just give some hints on how to set things up on the FreeBSD end, from scratch? Thanks in advance Palle To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?133830000.1035329093>