FreeBSD as a VPN Server/Router

Stefan Bethke stb at lassitu.de
Wed Aug 9 20:44:45 UTC 2006


Am 09.08.2006 um 19:33 schrieb Odhiambo Washington:

> In this scenario, siteA has several applications running on several  
> windows servers which are behind the FreeBSD box. The challenge is  
> to allow siteB to access these applications securely via the WAN  
> setup. VPN comes straight to mind, but this is a new area to me.

OpenVPN certainly fits your requirements.  Besides a routed  
connection between two sides, it also offers a bridged setup, so it  
is ideally suited for connecting two Windows-centric networks.

We use it at work for home VPNs as well as road warriors,  
configuration is straightforward, and performance is absolutely  
acceptable.

IPSec has been mentioned before; I've had trouble understanding the  
configuration and how to diagnose problems. We did get it to work in  
the office, but only with a lot of trial and error.  isakmpd and  
racoon are... idiosyncratic, to be polite.

vtun has had major security issues in the past, so I would be wary,  
but I haven't looked into it for the past two years.

pfSense is a FreeBSD-based firewall/routing OS, so you'd need to  
replace your existing FreeBSD routers with it, or add additional boxes.


Stefan

-- 
Stefan Bethke <stb at lassitu.de>   Fon +49 170 346 0140




More information about the freebsd-questions mailing list