Date: Wed, 9 Aug 2006 22:44:30 +0200 From: Stefan Bethke <stb@lassitu.de> To: Odhiambo Washington <wash@wananchi.com> Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD as a VPN Server/Router Message-ID: <BE9BC7D9-E356-49CA-8F41-9B76B0079C9E@lassitu.de> In-Reply-To: <20060809173312.GA45250@ns2.wananchi.com> References: <20060809173312.GA45250@ns2.wananchi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 09.08.2006 um 19:33 schrieb Odhiambo Washington: > In this scenario, siteA has several applications running on several > windows servers which are behind the FreeBSD box. The challenge is > to allow siteB to access these applications securely via the WAN > setup. VPN comes straight to mind, but this is a new area to me. OpenVPN certainly fits your requirements. Besides a routed connection between two sides, it also offers a bridged setup, so it is ideally suited for connecting two Windows-centric networks. We use it at work for home VPNs as well as road warriors, configuration is straightforward, and performance is absolutely acceptable. IPSec has been mentioned before; I've had trouble understanding the configuration and how to diagnose problems. We did get it to work in the office, but only with a lot of trial and error. isakmpd and racoon are... idiosyncratic, to be polite. vtun has had major security issues in the past, so I would be wary, but I haven't looked into it for the past two years. pfSense is a FreeBSD-based firewall/routing OS, so you'd need to replace your existing FreeBSD routers with it, or add additional boxes. Stefan -- Stefan Bethke <stb@lassitu.de> Fon +49 170 346 0140
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BE9BC7D9-E356-49CA-8F41-9B76B0079C9E>