Date:      Wed, 9 Oct 2002 18:09:02 +0300
From:      Peter Pentchev <roam@ringlet.net>
To:        Andy <seahorse51@attbi.com>
Cc:        Ivailo Tanusheff <i.tanusheff@procreditbank.com>, FreeBSD Questions <freebsd-questions@FreeBSD.ORG>, FreeBSD Net <freebsd-net@FreeBSD.ORG>, FreeBSD Security <freebsd-security@FreeBSD.ORG>
Subject:   Re: VPN Tunneling
Message-ID:  <20021009150902.GV376@straylight.oblivion.bg>
In-Reply-To: <5.1.1.6.0.20021009083403.01c88f88@mail.seahorse.wsonline.net>
References:  <01d901c26f81$984bbd40$faf810ac@sof.procreditbank.bg> <01d901c26f81$984bbd40$faf810ac@sof.procreditbank.bg> <5.1.1.6.0.20021009083403.01c88f88@mail.seahorse.wsonline.net>

On Wed, Oct 09, 2002 at 08:37:30AM -0600, Andy wrote:
>
> >On Wed, Oct 09, 2002 at 01:49:51PM +0300, Ivailo Tanusheff wrote:
> >Hello,
> >
> >I'm trying to make a VPN tunnel between a FreeBSD machine and a Win2K
> >Machine. My configuration is:
> >
> >{Net1} <---> <FreeBSD> <--...--> <Win2K> <---> {Net2}
> >
> >Win2k machine has dynamically assigned IP address as it's connecting to
> >public ISP. Can you help me build the tunnel?
>
> At 05:04 10/09/2002, Peter Pentchev wrote:
>
> >Take a look at the net/mpd port; it needs Netgraph either built into the
> >kernel, or loaded as a KLD.  Then, on the Win2K side, use the PPTP VPN
> >connections ('Connect to a private network through the Internet').
> >Things are *very* easy to set up, actually :)
> >
> >Drop me a private mail if you need some help, or we just might meet on
> >IRC :)
> >
> >G'luck,
> >Peter
>
> Will this method permit incoming connections from the outside Internet and
> then forward them to a box with an internal IP address on net1?  Where the
> FreeBSD box is acting as a gateway/natd for the net1 internal network.

In this case, the FreeBSD box does not act as a gateway, merely as a
tunnel endpoint.  It may be otherwise configured to act as a NAT
gateway, but this is independent: this allows another FreeBSD or Win2K
or maybe even Linux box to establish a PPTP VPN tunnel, and perform
direct routing between net1 and net2.  Any machine within net1 will be
able to reach net2 directly, and vice versa.

To let machines from the outside Internet -- not the other side of the
tunnel -- reach the inside boxes, you will need to set up some other NAT
mechanism, but, once again, this is entirely independent of mpd - mpd
will provide the VPN functionality regardless of whether the FreeBSD box
is also acting as a NAT gateway.

G'luck,
Peter

-- 
Peter Pentchev	roam@ringlet.net	roam@FreeBSD.org
PGP key:	http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint	FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
I am not the subject of this sentence.
