VPN Gateway to M$ Windows

Foster, ThomasX thomasx.foster at intel.com
Tue Apr 27 11:20:47 PDT 2004

Define gateway:

Would you like to use the Windows Server as your PPTP/VPN server.. or do
you want to use MPD ?  MPD (to my knowledge) cannot query the LDAP
server that resides on the Windows server to authenticate users.. so
there are a couple of different approaches..

Poke holes in your firewall and forward the ports to your Windows server
which will run their RRAS implementation of PPTP

Run MPD on a FreeBSD server behind your firewall and manage the accounts
via your MPD links definitions.

Please correct me if I am wrong, but it depends on how you want to
manage your VPN accounts, for I have not found a way to use an account
database external to MPD's link definitions.


Thomas Foster

-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org] On Behalf Of Odhiambo
Sent: Tuesday, April 27, 2004 6:45 AM
To: freebsd-questions at freebsd.org
Cc: gnb at lightning.itga.com.au; archie at freebsd.org
Subject: VPN Gateway to M$ Windows


The wind doesn't seem to be blowing in my direction. Either I am getting
crazy or just losing touch. I am reading all the doco I can lay my hands
on about setting up a VPN gw and this is to use MPD. Now there is a nice
page (I love the setup notes this guy made!) here:


It talks about mpd-3.2 and 3.3 and this was written long ago. But
looking at my ports (4.9-STABLE and 5.2.1-RELEASE) the Makefile in
the /usr/ports/net/mpd show it's version 3.17.

At the time of writing his doco, March 2001, Gregory he says that mpd
was at version 3.2. That has lost me!
Was the port downgraded? Does anyone know if the patches for
external-auth were made part of the 3.17 port??

OK. I would like to setup a VPN gateway to a Microsuck Windows box. I've
had suggestions to use Cisco PIX for this, but I was wondering what it
is that the Cisco thingy will do that FreeBSD with MPD won't do. I am
also looking at other "secure implementations" of this project. I'm
still googling (giggling ;-)) but any other pointers are most welcome.



    |\      _,,,---,,_     | Odhiambo Washington    <wash at wananchi.com>
Zzz /,`.-'`'    -.  ;-;;,_ | Wananchi Online Ltd.   www.wananchi.com
   |,4-  ) )-,_. ,\ (  `'-'| Tel: +254 20 313985-9  +254 20 313922
  '---''(_/--'  `-'\_)     | GSM: +254 722 743223   +254 733 744121
It is not enough to succeed.  Others must fail.
		-- Gore Vidal
freebsd-questions at freebsd.org mailing list
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list