From owner-freebsd-questions@FreeBSD.ORG  Thu Mar 31 15:57:28 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 364E416A4CE
	for <freebsd-questions@freebsd.org>;
	Thu, 31 Mar 2005 15:57:28 +0000 (GMT)
Received: from motgate3.mot.com (motgate3.mot.com [144.189.100.103])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2433A43D1F
	for <freebsd-questions@freebsd.org>;
	Thu, 31 Mar 2005 15:57:19 +0000 (GMT)
	(envelope-from Charles.S.Libby@motorola.com)
Received: from il06exr04.mot.com (il06exr04.mot.com [129.188.137.134])
	by motgate3.mot.com (8.12.11/Motgate3) with ESMTP id j2VG5hhD000028
	for <freebsd-questions@freebsd.org>;
	Thu, 31 Mar 2005 09:05:44 -0700 (MST)
Received: from il06exm62.ds.mot.com (IL06EXM62.corp.mot.com [10.0.111.44])
	by il06exr04.mot.com (8.13.1/8.13.0) with ESMTP id j2VFwbXe005201
	for <freebsd-questions@freebsd.org>;
	Thu, 31 Mar 2005 09:58:37 -0600 (CST)
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 31 Mar 2005 09:57:12 -0600
Message-ID: <B9ACB6F8DAB0D04CAFCA425D3D2DAE656CBE94@il06exm62.ds.mot.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: IPsec How-to
Thread-Index: AcU2CUrO0QddNgqmR76DIzIeDAG/ZQAACs2A
From: "Libby Charles-CCL044" <Charles.S.Libby@motorola.com>
To: "Luke Kearney" <lukek@meibin.net>
cc: freebsd-questions@freebsd.org
Subject: RE: IPsec How-to
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Mar 2005 15:57:28 -0000

>From: owner-freebsd-questions@freebsd.org
[mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Luke Kearney
>Sent: Thursday, March 31, 2005 9:46 AM
>To: Monah Baki
>Cc: freebsd-questions@freebsd.org
>Subject: Re: IPsec How-to
>
>> Hi all,
>>=20
>> I'm reading the FreeBSD handbook, the vpn over ipsec how-to section,=20
>> but how do I apply it if I have 1 freebsd machine with 1 NIC, and=20
>> multiple XP boxes in a LAN. All communications nfs, ftp etc etc to=20
>> that Freebsd machine must be encrypted. Can it be done? is there any=20
>> how to for this scenario somewhere?
>>=20
>>=20
>> Thank you
>
>Hi,
>Yes it is possible though I won't claim to have done it myself but you
would probably be best to start off by looking
>into a program like racoon or something then set up each machine with
the private keys or certificates. I believe XP is
> pretty easy setup when it comes to IPSec.

It is easy to set up, but it only has single key functionality.  It does
not fully support IPSec.  This is a big reason why they do not broadcast
it usablity.  They rely on other VPN solutions.  One that is up and
coming is VPN through SSL.

Charles