IKEv2/IPSEC "Road Warrior" VPN Tunneling?
Michael Sierchio
kudzu at tenebras.com
Fri Apr 12 14:48:19 UTC 2013
On Thu, Apr 11, 2013 at 10:27 PM, Eugene Grosbein <egrosbein at rdtc.ru> wrote:
> 12.04.2013 05:31, Karl Denninger пишет:
>> Is there a "cookbook" for setting this up? There are examples for
>> setting up a tunnel between two fixed-address networks (e.g. a remote
>> LAN that needs to be "integrated" with a central LAN over IPSec but I
>> can't find anything addressing the other situation -- remote user(s)
>> where the connecting IPs are not known in advance, such as a person with
>> a laptop or smartphone in a random hotel.
> You'll need to install the port security/ipsec-tools for IKE protocol support.
> This port contains racoon daemon, here is sample racoon.conf:
You may need something not in the GENERIC kernel on the server side
options IPSEC_NAT_T
and if you're supporting OS X clients with L2TP, you'll want to
install mpd5 from the ports. And patch racoon to use a single shared
secret across users.
Howto set up a L2TP/IPsec VPN Dial-In Server
http://forums.freebsd.org/showthread.php?t=26755
- M
More information about the freebsd-net
mailing list