IPSEC documentation

Alexey Popov llp at iteranet.com
Wed Dec 28 22:50:49 PST 2005


Hi.

VANHULLEBUS Yvan wrote:
>>- L2TP + IPSEC transport mode (= Windows road warrior)
> Did someone try such a setup?
> Is there an L2TPD daemon running on FreeBSD which could be used for
> that?
I'm successfully using security/racoon and net/sl2tps with Windows
XP/2003 L2TP clients. I've tried pre-shared key as well as X.509
certificate auth.

> Note also that, for now, this won't work easily, as it will require
> dynamic SP entries (roadwarriors....), but I think racoon currently
> can't deal with dynamic policies when ports are specified (I'll check
> that).
racoon has a passive_mode option. When it is enabled, racoon can create
SPD entries for road warriors.

If we also had NAT-T support, FreeBSD would be the best choice
of VPN concentrator.

With best regards,
Alexey Popov

