FreeBSD as a VPN Server/Router
Stefan Bethke
stb at lassitu.de
Wed Aug 9 20:44:45 UTC 2006
Am 09.08.2006 um 19:33 schrieb Odhiambo Washington:
> In this scenario, siteA has several applications running on several
> windows servers which are behind the FreeBSD box. The challenge is
> to allow siteB to access these applications securely via the WAN
> setup. VPN comes straight to mind, but this is a new area to me.
OpenVPN certainly fits your requirements. Besides a routed
connection between two sides, it also offers a bridged setup, so it
is ideally suited for connecting two Windows-centric networks.
We use it at work for home VPNs as well as road warriors,
configuration is straightforward, and performance is absolutely
acceptable.
IPSec has been mentioned before; I've had trouble understanding the
configuration and how to diagnose problems. We did get it to work in
the office, but only with a lot of trial and error. isakmpd and
racoon are... idiosyncratic, to be polite.
vtun has had major security issues in the past, so I would be wary,
but I haven't looked into it for the past two years.
pfSense is a FreeBSD-based firewall/routing OS, so you'd need to
replace your existing FreeBSD routers with it, or add additional boxes.
Stefan
--
Stefan Bethke <stb at lassitu.de> Fon +49 170 346 0140
More information about the freebsd-questions
mailing list