Date:      Fri, 31 Jan 2003 17:28:00 -0800
From:      Sean Chittenden <sean@chittenden.org>
To:        Christoph Kukulies <kuku@physik.rwth-aachen.de>
Cc:        freebsd-current@freebsd.org
Subject:   Re: Cisco vpnclient
Message-ID:  <20030201012800.GH15936@perrin.int.nxad.com>
In-Reply-To: <200301311053.LAA25242@accms33.physik.rwth-aachen.de>
References:  <200301311053.LAA25242@accms33.physik.rwth-aachen.de>

> Cisco is offering a VPN client for Linux. I wonder if it would be
> possible to run this under FreeBSD. An extra linux kernel module is
> being built.  Is this already 'ruled out'?
> 
> If this won't work, I'm afraid I will have to set up a dedicated Red Hat
> 6.x/7.x beside my FreeBSD gateway. Would it be possible to use NAT
> to extend the VPN (I only have one dedicated fixed IP on the
> gateway)?

Might I suggest using pppd + ssh.  In my prior experience, it worked
worlds better than the Cisco VPN client and likely provided more
secure authentication (ssh keys vs. IKE?).  As an added bonus, ssh
+ pppd doesn't hijack your interface, so you can connect to the
Internet directly and to your office without having to send your
normal Internet traffic through the office.  Yes, there are security
problems with this, but running ipf(w) on the split host works
exceedingly well and is generally a tighter firewall than what's put
up to protect the office.  ;)  -sc

-- 
Sean Chittenden
