Date:      Wed, 8 Aug 2001 16:30:49 -0400 (EDT)
From:      raymond hicks <diesel@bsdvault.net>
To:        <freebsd-stable@freebsd.org>
Subject:   Dynamic endpoint IPsec VPN?
Message-ID:  <20010808162958.Q50937-100000@logicalhost.com>

I was hoping to use a FreeBSD box in the following capacity:

1) Gateway firewall doing tunnel mode VPN between 2 offices (another
similar FreeBSD box at the remote office).

2) Provide persons with dynamic IP (dial clients) the ability to tunnel
into the network using the Win2000 IPsec client.

I can get my Windows clients to authenticate and do VPN with the FreeBSD
boxes no problem, but I was wondering if anyone has done this with the
Windows clients being dynamic?  I was hoping that I could go even further
and have the FreeBSD box hand the dial user an address that is physically
on the protected network behind the tunnel interface.  The following is an
example....

Host A has:
                Lan network 10.1.1.0/24
                WAN address 208.209.166.1

Host B has:
                Lan network 10.2.2.0/24
                WAN address 208.209.166.18

I want to run tunnel mode between the WAN addresses for both 10 networks.
I would like to perhaps have a site C configured similarly but have host A
acting as a HUB and host B and C never need to talk.  I would also like
for Host A to allocate host addresses 240 through 254 as an IP pool to
hand out to remote clients that authenticate to it.  Is this at all
possible with the current stack?

Any help is greatly appreciated.

Raymond Hicks
Network Security Engineer
Development Global IPvpn
UUNet Technologies
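
The static gateway-to-gateway part of the layout described in this message, written out as an added example that is not part of the original e-mail or of FreeBSD: it generates setkey(8) tunnel-mode policies for a hub (host A) and its spokes, checks that no spoke holds a policy toward another spoke, and lists the 240-254 pool. Site C's addresses, the choice of ESP with level "require", and all function names are assumptions; the dynamic dial-in clients are not covered.

```python
import ipaddress

# Hosts A and B are taken from the message; site C is a constructed placeholder.
HUB = {"name": "A", "lan": "10.1.1.0/24", "wan": "208.209.166.1"}
SPOKES = [
    {"name": "B", "lan": "10.2.2.0/24", "wan": "208.209.166.18"},
    {"name": "C", "lan": "10.3.3.0/24", "wan": "192.0.2.33"},  # constructed
]

def spd_pair(local, remote):
    """Outbound and inbound tunnel policies, as seen from gateway `local`."""
    return [
        ("out", local["lan"], remote["lan"], local["wan"], remote["wan"]),
        ("in", remote["lan"], local["lan"], remote["wan"], local["wan"]),
    ]

def render(policy):
    """Format one policy as a setkey(8) spdadd line (ESP, tunnel mode)."""
    direction, src, dst, tun_src, tun_dst = policy
    return (f"spdadd {src} {dst} any -P {direction} ipsec "
            f"esp/tunnel/{tun_src}-{tun_dst}/require;")

def hub_and_spoke(hub, spokes):
    """Policies per gateway: the hub pairs with every spoke, a spoke only with the hub."""
    conf = {hub["name"]: []}
    for spoke in spokes:
        conf[hub["name"]] += spd_pair(hub, spoke)
        conf[spoke["name"]] = spd_pair(spoke, hub)
    return conf

def spokes_isolated(conf, spokes):
    """True if no spoke holds a policy naming another spoke's LAN or WAN address."""
    for spoke in spokes:
        foreign = {v for o in spokes if o is not spoke for v in (o["lan"], o["wan"])}
        if any(foreign & set(p[1:]) for p in conf[spoke["name"]]):
            return False
    return True

def client_pool(lan, first, last):
    """Addresses at host offsets first..last inside `lan`."""
    net = ipaddress.ip_network(lan)
    return [net.network_address + i for i in range(first, last + 1)]

if __name__ == "__main__":
    conf = hub_and_spoke(HUB, SPOKES)
    for name, policies in conf.items():
        print(f"# gateway {name}")
        print("\n".join(render(p) for p in policies))
    pool = client_pool(HUB["lan"], 240, 254)
    print(f"# client pool on A: {pool[0]} to {pool[-1]}, {len(pool)} addresses")
```

Because the pool lies inside 10.1.1.0/24, a spoke's policy toward host A's LAN already matches traffic to pool addresses.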



